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Abstract 

Ridefinite Quasi-linear come Composition-linear 

Weak affine light typing (WALT) assigns light affine linear formulae as types to a subset of A-terms in System 
F. WALT is poly-time sound: if a A-term M has type in WALT, M can be evaluated with a polynomial cost in the 
dimension of the derivation that gives it a type. In particular, the evaluation can proceed under any strategy of a 
rewriting relation, obtained as a mix of both call-by-name/call-by-value /^-reductions. WALT is poly-time complete 
since it can represent any poly-time Turing machine. WALT weakens, namely generalizes, the notion of stratification 
of deductions common to some Light Systems — we call as such those logical systems, derived from Linear logic, 
to characterize FP, the set of Polynomial functions — . A weaker stratification allows to define a compositional 
embedding of the Quasi-linear fragment QISRN of Safe recursion on notation (SRN) into WALT. QISRN is SRN, 
which is a recursive-theoretical system characterizing FP, where only the composition scheme is restricted to linear 
safe variables. So, the expressivity of WALT is stronger, as compared to the known Light Systems. In particular, 
using the types, the embedding puts in evidence the stratification of normal and safe arguments hidden in QISRN: the 
less an argument is impredicative, the deeper, in a formal, proof-theoretical sense, gets its representation in WALT. 
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1 Introduction 

Implicit computational complexity (ICC) explores machine-independent characterizations of complexity classes with- 
out any explicit reference to resource usage bounds, which, instead, result from restricting suitable computational struc- 
tures. ICC systems originate from recursion theory [Cob65, BC92, LM94, Lei95, Lei99, LM], structural proof-theory 

5 and linear logic [Gir98, Laf04], rewriting systems or functional programming [Hue80, Der82, Jon99, Lei93, Lei94], 
type systems [Hof97, Hof99a, Hof99b, HofOO, BNS00, BS01] . . . . 

This work is mainly concerned with the theoretical aspects of ICC whose essential goal is to support the evidence 
that the notions of the known complexity classes are natural concepts. Classically, a complexity class is defined in 
terms of some specific computational model. ICC aims to show that such computational models have mathematical 

10 counterparts, independent from them. Here, we approach ICC from a type-theoretical point of view. 

We start from generalizing the structural proof-theoretical design principles, used for Light linear logic (LLL) 
[Gir98] and Light affine logic (LAL) [Asp98, Rov99, AR02]. The reason is that, so far, such principles look quite 
restrictive. Indeed, we know that LAL is polynomially strongly normalizable: the normalization of every of its deriva- 
tions is polynomial under every rewriting strategy [TerOl, Ter07]. This limits the intensional expressiveness of LAL, 

15 hence of LLL, as witnessed by the difficulty to relate the computational behavior of LAL to the one of ICC systems 
based on principles other than structural proof-theory. In this direction, the only known relation is in [MO04]. There, 
a compositional, and intuition preserving, embedding of a fragment of Safe recursion on notation (SRN) [BC92] into 
LAL is given. The fragment can only use the safe arguments linearly, and is DSpace[Zn] -complete [Nee04]. 

We introduce Weak Affine Light Typing (WALT) as a typing system for pure A-terms. It generalizes a basic design 

20 principle of LAL and gives an extension of the formulae of LAL as types to standard A-terms that belong to a fragment 
of System F [GLT89]. The distinguishing feature of WALT, as compared to LAL, is its weaker, hence, more liberal 
definition of the deductions that can be duplicated in the course of the normalization. Recall that any deduction II of 
LAL that, eventually, will be duplicated by a cut elimination step has a conclusion of type \A, and must be defined in 
a way that it depends on at most a single assumption of type \B. WALT weakens this constraint. Any deduction II 

25 of WALT that, eventually, will be duplicated by a normalization step has conclusion of type I A, and it may depend on 
an arbitrary number of assumptions, one of which must be of type IB, while the others must have type $C, — here 
we adopt $ to name the "paragraph" modality of LAL — . Before II gets duplicated, it must evaluate to a deduction 
II' that depends on at most a single assumption of type IB. The correct duplication of the weaker form of duplicable 
deductions is obtained by extending the language of formulae of LAL. In particular, WALT builds formulae with two 

30 linear implications — o, -• , two modalities $, !, and a universal quantification. The new implication denotes the 
linear functions whose arguments are the assumptions, with type $d, of the deductions with conclusion of type IA. 
Intuitively, if a term M has type $A — • B, then a necessary condition to fully evaluating M N is that N becomes a 
closed term. 

WALT is poly-time sound. Every A-term typable by WALT can be evaluated with a polynomial cost under any 
35 rewriting strategy of a rewriting relation — > w : a mix of the standard call-by-name and call-by-value /3-reduction. The 
bound can be read from the structure of any deduction of WALT, but evaluates any typable A-term completely 
ignoring the types. So, WALT is a framework where the program part, represented by a typable A-term, and the 
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complexity specification part, represented by the corresponding deduction, are completely separate, like in DLAL 
[BT04] and [CDLRDR05]. 

40 WALT is more expressive than LAL. Let QISRN be SRN, where the composition scheme uses safe variables 

linearly: the safe variables in two, or more, functions being composed, must be different. Then, there exists an 

interpretation map [] from QISRN to WALT, such that, for every f(ni, . . . , rife, si, . . . , si) € QISRN, with k normal 

and / safe arguments, we can prove that: (i) if f(ni, . . . , rife, si, . . . , si) — n, then [/(ni, . . . , rife, si, . . . , Sj)] reduces 

fc 

/ A \ 

to [nj, using —>•.„,, and (ii) [/(ni, . . . , rife, si, . . . , s;)] has type $ m W, since [/] has type $W — • . . . — • $W — • 

I 

, A V 

45 $ m W . . . $ m W $'" W, for some m > 1, the type W being the one for binary words in WALT. 

Point (i) is the obvious behavior we expect from the embedding and shows that WALT is strongly more expressive 
that the known systems derived as restrictions of Linear logic to characterize FP. Point (ii) links m to the complexity of 
the definition of /, m depending on the number of nested linear safe compositions and of safe recursive schemes that 
define /. Moreover, the types explicitly show the layered structure of the normal and safe arguments hidden in QISRN. 

50 The type of a safe argument is m $-modality occurrences deep because a safe argument can be used in the course of 
recursive unfolding to produce the result. Orthogonally, the depth of the type of every normal argument is limited to 1, 
This allows to give to the normal arguments the necessary "replication power" required to duplicate syntactic structure 
in the course of an unfolding. This underlines a radical difference between the approach to the implicit characterization 
of FP, through Light linear logic-like systems, and the approach of the recursive ones. The formers say that the weaker 

55 is the possibility of a word to replicate structure, behaving it as an iterator, the deeper is its type. The latter, are based 
exactly on the reversed idea, though this cannot be formally stated in terms of any typing information inside QISRN. 

WALT is poly-time complete. It can represent and simulate every poly-time Turing machine. The result must 
be explicitly reproved. Indeed, we cannot take advantage of the existing proofs of poly-time completeness for LAL 
[Rov99, AR02] because of the call-by-name/call-by-value rewriting notion that WALT induces on the A-terms. 

eo Outline. Section 2 formally introduces WALT, gives some intuitions, and proves its structural properties useful 
to get the subject reduction, given in Section 3 after the definition of the hybrid call-by-name/call-by-value rewriting 
system. Section 4 is about the poly-time soundness of WALT. Section 5 formally defines QISRN in the style of [BW96]. 
Section 6 develops the combinators, of WALT, required to embed QISRN into WALT. In particular, Subsection 6.3, 
details the intuition about how we implement the virtual machine that interprets the recursive scheme of QISRN, 

65 hence of SRN. Section 7 formally develops the embedding. Section 8 delineates some possible research directions. 
Appendix A is about the poly-time completeness, while Appendix B details some of the proofs. 

Acknowledgements. My gratitude goes to Harry Mairson and Peter M0ller Neergaard who deeply read and help- 
fully commented [Rov02], the root of this work, and all those researchers that, in the last years, thanks to their results, 
indirectly helped me to write this work in a more accessible way than [Rov02], hopefully. Also, I want to thank the 

70 anonymous referees as well as Marco Gaboardi and Luca Vercelli that helped me to improve early versions of this 
work. 

2 Weak Affine Light Typing (WALT) 

WALT gives the formulae that belong to the language, generated by the following grammar: 

A :■- L \\A | %A 

L :■- a | A -« A \ $A -• A \ S/a.L 

as types to a subset of A, the set of A-terms, generated by M ::= x \ (\x.M) | (MM). 

Notations and definitions. A is the start symbol. A modal formula has form \A or %A, and, in particular, IA 
is !-modal, while $^4 is $-modal. L generates linear, or non modal, formulae. Notice that the linear formulae are 
closed under the substitution of linear formulae for a universally quantified variable. Also, the universal quantification 
cannot hide a modal formula by means of the quantifier. Generic formulae are ranged over by A, B, C. Linear 
ones by L, L'. M{ 1 / Xl ■ ■ ■ /x m } denotes the usual capture free simultaneous substitution of every Ni for the 
corresponding x,i, with 1 < i < m. If Ni, . . . ,N m are all equal, the substitution is denoted as M{ 1 / Xl ... Xm }. 
Parentheses are left-associative, so ((• • ■ ((MM)M) ■ ■ ■ )M) shortens to MMM ■ ■ ■ M. A sequence of abstractions 
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(\x\. . . . (\x m .M) . . .) is shortened by \x% . . . x m .M, for any to. An abstraction \x.M binds every free occurrence 
of x in M. Given a term M, the set of its free variables is FV(M). A closed term has no free variables. A v is the set 
of the A-terms which are values, generated by V ::= x \ (\x.M), where M is in A. The cardinality of a free variable 
in a term is no (2, M) and counts the number of free occurrences ofx in M : 

no(x,x) = 1 no(x,y)=0 (x ^ y) 

no(x, \x.M) = no(x, \y.M) = no(x, M) (x ^ y) 

no(x, MN) = no(a;,Af) +no(x,N) 

The size of a term \M\ gives the dimension of M as expected: \x\ = 1, |\a:.M| = \M\ + 1, \MN\ = \M\ + \N\ + 1. 



A 



T,x:L; A;£ h x:L 
T; A; £, (Q x ; {x : A}), (G y ; {y : A}) h M : B 



C 



T;A;£U{(e x ,e y ;{z:A})}hM{ z / x z / y }:B 
T,x:L;A;£\-M:B F;A,x:A;£ h M:B 



E 



T;A,£ h \x.M:L — o B V;A;£\- \x.M:$A — o B 

Tm ; Am ; £m \~ M:A—o B Y N ;A N ;£ N \-N:A AjklO, foranyC 
T M ,T N ;A M ,A N ;£ M U£ N h MN:B 

T; A;£,(e;{x:A}) h M:B 
r;A;£U{(6;0)} h \Zm7L4^~B ~° 7| 

Tm;A m ;£m \-M:\A^>B T n ;A n ;£ n \-N:\A ^/C{(^i).-.(^n)} 
T M ,T N ;A M ,A N ;£ M U£ N \- MN:B 

T; A; £, (Q,x:A; 0) h M:S 
T; A; £ U {(6; 0)} h \x.M: $A -• B ~* 1 

T M ;A;£ M hljiH 5 0;0;gArhA:$^ £jyC{(Q;0)} 

r M ;A;f M U^hMJV:5 ~* S 

r ; A';{(9';0)}h M:B r C A U [J^ 9, U U,^ 9^0iff3>,=0 
T; $A', A; {($9'; 0)} U {(9 i; $0} U . . . U {(6 m ; $,„)} h M : $B 

r ; 0;{(9';0)} h M:B TC9U$ 9 ^ => Dom($) n FV(M) ^ 
T'; A; {($9'; 0)} U {(9; $)} h M : !£ ! 

T; A;£hM:I a not free in T, A and £ T; A; £ h M:\fa.L 

T; A;£ h M-Ma.L W T;A;£\-M: L{L'/a} ^ E 



Figure 1: Weak Affine Light Typing 

75 The type assignment. Figure 1 defines Weak Affine Light Typing (WALT). WALT is a deductive system that 
deduces judgments T; A;£ h M : A, where M is a A-term. If we call type assignment any pair x : A where x is a 
variable and A a type, meaning that A is a type for x, then T and A are sets of type assignment and £ is a set of pairs 
(9; $) such that both 9 and $ are sets of type assignments as well. Namely, the judgments assign a type A to a A-term 
M from four sets of assumptions, in analogy to LLL [Gir98], LLC [TerOl, Ter07], and Dual Light Affine Logic (DLAL) 

so [BT04]. 
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Notations and definitions. Given a set of type assignments {xi : Ai, . . . ,x n : A n }, Dom({a; 1 : A±, . . . , x n : 
An}) = ■ ■ ■ ,Xn} denotes the domain of such a set. In general, T denotes a set of linear type assignments 
x : L G r, and we call x linear. A denotes a set of linear partially discharged type assignments to variables that we 
call linear partially discharged. £ denotes a set of partially discharged contexts. £ is either empty or it contains pairs 
as (81; $1), . . . , (0„; $„) where, for every i 6 {1, . . . , n}, the following four points hold: (i) <di is a set of elementary 
partially discharged type assignments to variables that we simply call elementary; (ii) $i is either empty or it is a 
singleton x : A. We call x polynomially partially discharged, or simply polynomial; (iii) only one between $1 , . . . , <£>„ 
can be 0; (iv) the domains of any two <£>i and $j are distinct, with i ^ j. 

For every £ = {j^Ai^ Dom(£) is (|J" =1 Dom(e,)) U ((j-Li Dom($,)). In every of the rules of WALT 
the domain of two sets of type assignments and ma y intersect when $nj an d &n are part of two partially 
discharged contexts £ m and £n that belong to two distinct premises of a rule. This observation justifies the definition 
of £m LI £n that merges £m and £ jy, preserving the structure of a partially discharged context: 

£m u £ jv = 

{(e M ,e w ;i) I (9 A /;$) (E £m and (G;v; $) €£ N }U 

{(9m; <J>m) I (6m; <£m) € £m and there is no 6jv such that (6jv; $a/) in £jv}U 
{(Ojv; "^jv) I (6jv; $>n) £ £jv and there is no Om such that (Qm; $iv) in £m} 

The sequence £ , (9; <£>) denotes that (6; $) £. Also, £ U {(0; 0)} = £ U = £. In every other cases, the domain of 
90 two sets of type assignments that belong to two distinct premises of a rule of WALT must be disjoint. A T is the subset 
of typeable elements M of A, namely, those for which a deduction II with conclusion V; A; £ h M:A exists, denoted 
by IT > V; A; £ h M : A. Finally, II' ^ II denotes that II' is a subdeduction of II, while U(R, ITi, . . . , II m ), with 
< m < 2, denotes a deduction II > F; A; £ h M : A, whose conclusion is the rule R, and such that the premises of 
R are the conclusions of IT d: n, with 1 < i < m. The notation II(_R) highlights that R is the last rule of IT. 

Intuition. WALT controls the number of normalization steps of its deductions by means of a weak stratification. 
"Stratification" means that every deduction IT of WALT can be thought of as it was organized into levels, so that the 
logical rules of IT may be at different depths. The normalization preserves the levels. Namely, if the instance of a rule 
R in IT is at depth d, then it will keep to be at depth d after any number of normalization steps that, of course, do not 
erase it. The only duplication allowed is of deductions IT that have undergone an instance R of the ! rule, namely the 
conclusion of IT has a !-modal type, introduced by R. Ideally, the ! rule defines a, so called, !-box around the deduction 
that proves its premise. The !-box may depend on more than one assumption, so generalizing the !-box of LAL, that, in 
the context of WALT, takes form: 

$;0;0hM:B $C{x:A} 
|;|;{(|;$)}hM:!5 

95 A first immediate consequence of generalizing the !-boxes is that every elementary partially discharged assumption 
they may depend on can only be replaced, as effect of the normalization, by the conclusion of $-boxes of WALT which 
exclusively depend on elementary partially discharged assumptions as well. Otherwise, we could build !-boxes with 
an arbitrary number of !-modal assumptions, immediately getting deductions that normalize with an elementary cost. 
This justifies the name elementary partially discharged type assignments. The correct substitution discipline for the 

100 elementary partially discharged assumptions is obtained by introducing the linear arrow -• . The rule — • / fully 
discharges them, while — • E forces the application of a function with type %A — • B to arguments which, if they 
normalize to a $-box, such a box can only depend on elementary partially discharged assumptions. 

Of course, not every !-box of WALT, with conclusion of type IA, can be replaced for the argument of a function 
with type IA -o B. Such a replacement can occur only if the !-box gets normalized to another !-box with at most one 

105 !-modal assumption. Otherwise, we would again loose the main property of the duplicable objects inherited from LAL 
which ensures the polynomial bound on the normalization cost. 

Summing up, WALT allows to type A-terms more liberally than LAL, while keeping the same normalization prin- 
ciples: the stratification is never canceled, and only deductions that, eventually, depend on at most one free variable 
may be effectively duplicated as effect of the normalization. This is why WALT does not enjoy a full normalizing 
procedure, the analogous of the cut elimination for a corresponding sequent calculus formulation. For example, the 
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deduction n ( \ 2 , , /:E;! , )(tuz) : 

It\x.yxx >y:\A -^\A -* 4;0;0 h \x.yxx:\A -» A 
n,„ z >0;0;{(io:^ -o A; 2: A)} h wz:\A 

w.A — o A,z:A\%\ {{w.A -o A;z:A)} h (\x.ya;a;) (W): ^4 
where Ilw.^xa, and 11^2 are, respectively, the two following deductions: 



x:A;$-%\-x:A 



y.\A -°!A -° A;0;0 h y.'.A -o)A -o A 0; 0; {(0; a : A)} h x :\A ' x : A- 0; h a: : A 



y:\A —o'.A — o A; 0; {(0; a: : A)} h yx:\A — o A ' 0; 0; {(0; a; : A)} 



7/:!A-o!A-oA;0;{(0;x:A)}l- jn : A 
y.'.A ^j!A — o A; 0; h \rE.yx2; :!A — o A 



I, 



A — nnr, r A 



W.A-e A:Q:<!)\- w.A-o A z:A;<b;®h z:A 
' ' L_ j£ 

W.A-o A,z:A:9;0h wz:A 



0;0;{(w:yl-o A; z:A)} \- wz:\A ' 

cannot normalize despite both the concluding — o _Ei in Tl(\ x . yxx )( wz ), and the last instance of — o L in H\ x . yxx seem 
to form a "detour". In fact, it is not a detour because replacing the conclusion of H wz for the two occurrences of A 
in H\ x . yxx would produce a deduction with a wrong instance of — o E. In analogy to [RR97], the rules that introduce 
no the linear implications — o, may simultaneously introduce a modal connective. In this way we use the A-abstraction 
to denote the occurrence of an assumption of a $, or of a !-box inside the A-terms. As a conclusion of this informal 
description of WALT, we observe the following: 

Fact 1 (WALT types a subset of System F.) Let II > T; A; £ h M: Abe given. Call T F and A F the set of type 
assumptions and the type that we can obtain from every x : B ofT; A;£, and from A by both: (i) replacing the 
115 intuitionistic arrow => of System F for every occurrence of both — o, and • , and (ii) erasing every occurrence of I 
and $. Then, Tp h M :Ap can be deduced in System F. 

Measures and structural properties. 

Level or depth of deductions and terms. The level or depth d(II) of a deduction II is the maximal depth of every of 
its subdeductions: 

d(n(A)) = o 

d(n(_R,n')) = d(n') + i (-Re {!,$}) 

d(II(i?, n')) = d(n') (R with a single premise, R <£ {!, $}) 

d{U(R, n', n")) = max{d(n'), d(n")} (R with two premises) 

If II > T; A; £ h M : A, then M has depth d(II), namely, a term inherits the depth of the considered deduction that 
types it. For example, the deduction H wy (\ x . x y. 



A 



y.a;$;$ h y.a A ( 0; 0; h \ x . X :f3 p 



x-.fi;®;® V- x:/3 



h«i:!a^$!/?' i ^7 0; 0; {(0; {y : a})} h y :\a ' 0; 0; h \x.x :!/3' 3 

■ Si 



»i:!a ^ $!^ ^ 7:d; )(J; {v:a})} h nij: 8^" 7 ' 0; 0; h \x.x : SI/3* 3 

3 -° B 

uj:!q -o -o 7; 0; {(0; {y : a})} h JUj/(\x.x):7 

where abbreviates (f3 —o (3), has d(H wy (\ x . x )) = 2 because we cross one instance of ! and one instance of $, going 
from the conclusion to the rightmost axiom. 
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Partial size of a deduction at a given depth. Srf(II) is the partial size of a deduction II, at depth d < d(II). Sd(II) 
is defined by induction on the last rule of II: 



bo(h(a)) 


= 1 




M(n(A)) 


= 


(d> i) 


s (n(c,n')) 


= so(n') 




Sd (n(c,n')) 


= sd(n') + 1 


(d>i) 


Bd(n(fl,n')) 


= sd(n') 


(-R G {V/,V£},d > 0) 


s (n(ii,n')) 


= So (n') + i 


fle^J.-oJi.-o/,,— /} 


Bd(n(B,n')) 


= sd(n') 


(Re{^> I,-oL,-oI $ ,— I},d>l) 


Sd (n(i?,n',n")) 


= S[i (n') + s d (n") + i 


(R G E,—° Ei, — • £},d > 0) 


s (n(i?)) 


= 


(i? €{!,$}) 


Sd (n(i?,n')) 


= s d -i(n') 


(i? G {!,$}, d > 1) 



The partial size at a depth outside the interval 0, . . . , d(n) is taken equal to 0. The partial size over estimates the 
intuitive notion of partial size at a given level. In particular, Srf(n^/(i?)) counts the instances of the rules A, — o I,—o 
I\,—oI$,—» I in Hm(R), which do not contract any variables in M after d instances of !, and $ from R. On the 
contrary, instances of — o E, — o E\, — • E and C, used to contract variables of M, are always counted. Also, we 
observe that we do not count the contractions at level because they cannot exist there. Reconsidering H wy t\ x . x ) 
above, we get: (i) s (II tlJ!/ (\ x . x )) = 3, (ii) s 1 (Il wy ^ x . x )) = 3, and (iii) 82(11^(^.3:)) = 4. (i) holds because we count 
the occurrences of ^> E, -<■ E\, and the single occurrence of A outside the scope of the instances of !, and $. (ii) holds 
because we count the single axiom with conclusion y : a; 0; h y : a, plus the occurrences of — o E and — o E\. (iii) 
holds because we count the axiom with conclusion x : f3; 0; h x : (3, the rule -<> I below it, and the occurrences of 
— o E and — o E\ . 

Width of a deduction at a given depth. w<j(II) is the width of a deduction IT at depth d < d(IT). Wrf(II) is defined 
by induction on the last rule of II: 



wo(n) 
wd(n(A)) 
wi(n(c,n')) 
wd(n(c,n')) 

■w d (U(R,U')) 

w 1 (n(7?,n',n")) 
w d (n(i?,n',n")) 
Wd (n(i?,n')) 






wi(n') + i 

wd(n') 

wd(n') 

wi(n')+wi(n") 
Wd (n') + w d (n") 
w d _i(n') 



(J?G{V/,Vi5,^/,^ 

(Re{- 
(Re{^E,- 



(d>l) 
(d>l) 

I},d>l) 

oE,^>E h — E}) 

> E u -m E},d> 1) 
(R G {$,!}, d > 1) 



The width at a depth outside the interval 0, . . . , d(II) is taken equal to 0. We observe that the first clause states that no 
variable contraction, by means of instances of C,—oE,—°E\, and -• E, can exist at level 0. So, we do not count those 
rules as part of the width at that level. We are essentially interested to observe the width at level one, where, relatively 
to the context, the substitutions — hence the possible duplications — may occur in the course of the normalization. 
To preserve the overall complexity bounds on the normalization the number of these duplications, namely the width 
that regulates them, cannot be too big. For example, let us assume ^-(\x.x)(\fy.f(fy))^ > l~~ i\ x - x )(\fy-f(fy)) '■ N — 
N, N being V<x!(a -o a) -0 $(a -o a). Then, wi(R(\ x . x )(\f y .f(f y ))) = wip^) + w i( u \fy.f(fy)) + 1 = 
w i( n \y./(/y)) + 1 = w i( n \y./i(/2!;)) + 2 = w o(^\ y . fl (f 2V )) + 2 = 2, counting -o E, and C. 

Lemma 1 (Width and size of deductions and terms.) For every deduction Ii: 

1. w d (II) < Sd(II), with 0<d< d(n). 

2. If U > Y- A; £ h M : A, then \M\< Y?}=o s d (n). 
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The two points hold by structural induction on IT. In particular the size of a term cannot be greater than the size of a 
deduction that gives it a type because the instances of the C rule disappear in the A-terms. 

The structural properties, here below, are the preliminary steps to prove the substitution property (Lemma 3 of 
Section 3), which, in turn, serves to show that WALT enjoys the subject reduction (Theorem 1 of Section 3) with respect 
us to a suitable notion of reduction, and with the wanted polynomial bound. Essentially, the structural properties here 
below say that the assumptions of a deduction can be weakened, or deleted, fix bounds on the number of occurrences 
of a variable in a typeable term, and highlight the structure of the subdeductions that introduce a variable in the type 
assignments and contexts of a judgment. 

Lemma 2 (Structural properties.) LetU(R) > T; A; £ h M:B, and £ = {(9 O ;0), (6i;$i), • ■ • , (9 m ;$ m )}. 

150 1. For every lineartypeL, there existsW {R)t>T{ L / a }; A{ L / a };£{ L / a } h M : B{ L / a } such that d(II) = d(lT), 
s d (IL) = Sd(n') and w d {n) = w d {W), for every d < d(IT). 

2. Then, no(x, M) < 1, for every variable x o/Dom(r) U Dom(A) U (U^Lo Dom(Oj)). 

3. For every d < d(H) and £', there is IT > T'; A'; £ U £ ' h M :A, such that T C T', A C A', d(n) = d(lT), 
w d (n) = Wd(n'), ands d (U) = s d (IL'). 

155 4. For every x G Dom(T) U Dom(A) U flj™ Dom(9 t )) U (U™ i Dom($ l )), 2/110(2;, M) = 0, then there exists 
II' > T'; A'; £ ' \- M : A such that x g Dom(r') U Dom(A') U £' with the same depth, width and size of 'IX 

5. For every linear partially discharged type assignment x:4gA, there is li'(R') ^ IT introducing x : A such that 
R' G {A,$}andU'(R') > V; A', x: A; £' h N:C, for some V, A', £', and C. If R' = A, then no(x, M) = 0. 

6. For every elementary partially discharged type assignment x : A G 0i, f/iere is n'(i?') ^< II introducing x : A 
160 such that R' G {A,$,!}ant/n'(i?/) > T'; A'; f (9', ar : A; $') h N :C, for some T', &',£',&,&, and C. If 

R' = A, then no(x, M) = 0. 

7. For every polynomial partially discharged assignment i:ie$iU...U $ m , f/iere > 
such that wi(II(i?)) > qi + ■ ■ ■ + q n and the following three points hold: 

(a) there is M' such that M can be written as M' { x / x i x i x %...x n }•' 

165 (b) for every 1 < i < n, there is n^(i^) D> T,; A,;^, (91; {x\ : A}), (9|.; {4, : A}) h : C h 

subdeduction ofH, with Ri G {^4, $, !}, that introduces x\ :A, . . . , x l q . :A; 

(c) q± + . . . + q n — 1 instances ofC, —oE,—oE\,—» E are required in the tree with the conclusion ofH as 
root and the conclusions of all the deductions IL^ , . . . , Tl' n as leaves to contract X . . . X q-^ ...... X ^ . . . Xq 

to X. 

170 8. IfM G A v , and B is IA, for some A, then R G {!} andFV(M) C Dom(£). 

9. TjfM G Ay, and B is %A,for some A, then R G {$, C} and PV(Af) C Dom(A) U Dom(S). 

Point 1 holds because the substitution of linear types for a variable of a type A cannot change the nature of A: it remains 
linear if it was as such before the substitution, or, in the other case, modal. Point 2 holds because, by definition, the 
domains of linear, linear partially discharged and elementary partially discharged type assignments that belong to 

175 distinct premises must be disjoint. This implies that no(x, M) cannot be greater that 1. We also admit weakening 
on the type assignments of the rules A, !, and $. So, a variable name may also not be occurring in M. Point 3 holds 
by using the weakening implicit in the rules A, !, $. Point 4 holds by omitting the use of weakening implicit in the 
rules A, !, $. Points 5 and 6 hold by simply inspecting the rules and observing that the only rules that introduce linear 
partially discharged and elementary partially discharged type assignments are A, !, and $. In particular, A can only 

180 introduce them as fake assumptions. Points 7, 8 and 9, by structural induction on IX 

Notation. The definition of partially discharged context justifies to shorten II t> V; A; £ U {(9; {x : A})} hM:B, 
orn>r; A;£,{(Q;{x:A})} h M:Bby means of II > T; A; £ U {(9; x: A)} h M:B, or II > T; A; £, (9; x: A) h 
M:B. 



3 Dynamic properties 



What we already know. [Asp98, AR02, BT04, CDLRDR05] remark the independence between the normalization 
of the deductions of some deductive system, derived from Linear logic for characterizing some computational class, 
and the standard /3-reduction of usual A-terms. Unsurprisingly, we have analogous phenomenon with WALT. We can 
observe, indeed, that the deduction II > y :\A —°\A — o A,w : A —°\A, z : A; 0; h (\x.yxx)(wz) : A exists, but we 
cannot build the one giving type to the /3-reduct y(wz){wz) of (\x.yxx)(wz). This because y.lA —°\A — o A, w.A — o 
I A, z : A] 0; h y(wz) :\A ^ A and w : A —°\A, z : A; 0; h wz :\A would require an instance of — o E\ where the 
domain of the linear type assignments in its two assumptions intersect. The problem persists even when the /3-redex 
contains only linear variables and no !-modal types at all. For example, consider the following deduction IIa x .m)(wz)> 
where x G FV(M): 

A A 

$;x:A;$Y- M:SB w : C -o $A; 0: h w : C -o SA z : C; 0; h z : C 

0;0;0 h \:c.Af :$A -o $S $ uj : C -° $A, z : C; 0; h i« : $A ~~° £ 

«7TC -o $A,z:C;0;0 h (\x.M)(wz) :$B ~~° 



185 The /3-reduction (\x.M)(wz) —>p M{ wz / x } would correspond to eliminate the sequence of rules ^> 1$ and — o E in 
H(\x.m)(wz)- Such an elimination would leave us with the conclusion of II' (—o E)\>w:C —° $A, z : C; 0; h wz : $A 
that must be plugged into the partially discharged assumption x : A of 0; x : A; h M : $B. But this is structurally 
illegal, since the conclusion of II' (—o E) and the partially discharged assumption x : A live at different depths. 

The restriction on the contexts of — • E. In Section 2 we have intuitively described how forces the correct 
substitution discipline, relatively to the elementary partially discharged assumptions. Let us assume, for a moment, to 
relax — • E to — • E 1 1 as follows: 

Tm; A; Em h M : $A B V N ; 0; gjy h N : %A givC{(9;0)} 

Tm, F N ; A; Sm U fjv h MN :B ~* E 

with an arbitrary r^r. Then, we could write the following deduction: 

l:C^U;»;ltHl:C^U A n 7 > 0; 0; h / : C 
r M ; A M -e M I" M:$A -. B x : C $A; 0; h ^7 : $A ] ° E T1 N > tu : _D; 0; h TV : A 

r M ,x:C -o $A;A M ;£ M H M(xI):B ~* B z : C; 0; {(0; to : £>)} h $ 

r Jj; A m ;£m H \a;.M(a:/):(C -o SA) -» 5 7 0; 0; {(0;io:D)} h \z.N:C -° $A ~° 7 

r„;A„;£„U{(0;W : fl)} h (\x.M(xI))(\z.N) : B ~° E 

where C stands for a — o a, and / for \x.x. Indifferently using the /3-reduction, or its call-by-value version, namely the 
one where (\x.M)N —*p u M{ / x } only if A is a variable or a A-abstraction, we would rewrite (\x.M(xI))(\z.N) 
to MN, typeable with: 

ITv t> w:D;0;9 h N:A 
r M ;A M ;£M h M:%A-*B 0;0;{(0; W :D)} h A^:$A $ 

r M ;A M ;£MU{(0;w:D)}h MN-.B ~* E 

Namely, a relaxed set of assumptions in — • E' would allow to generate a $-box that depends on a polynomial assump- 
190 tion. That $-box could be used for building a !-box, here inside M, with more than one polynomial assumption. 

The side condition on the rule !. We focus on the condition =/= Dom($) n FV(M) =/= of the rule 
!. It is justified by our goal to control the duplication at the level of the deductions directly inside the syntax of the 
typeable A-terms. Let us assume to have a typeable term (Xx.M)N where no(x, M) > 1 and let A be a value such 
that FV(A) C {y}, for some y. In principle we are in front of a redex. But this is true only if the type of y is !-modal. 
A relaxed version of ! like: 

r ; 0;{(e';0)} h M:B V C 6 U $ 6/0^$/0 
r'; A;{($6';0)} U {(6;$)} h M:\B - 

for example, would allow to derive: 

x:A,y.C;$;$^\w.M:B y£FV{M) 
r';A;{({x:A};y:C)}h\w.M:\B 

'This rule was used in an earlier version of this work and the associated counterexample was pointed out by an anonymous referee. 
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where \w.M depends on an elementary partially discharged assumption that cannot be duplicated in case the whole 
\w.M is. In a sense, the current precondition on the rule ! assures that it depends on elementary partially discharged 
assumptions only when necessary. 

There is also — o Eu The rule — o E\ prevents the existence of exponential free variables in the term M. To see 
why, let us assume to drop such a constraint and to consider the following derivation with a relaxed version — o E[ of 
-o Er. 

n M >x:C,y.A-$-q> h M:B x,y£FV(M) 

M;{({x:C};y:A)}\-M:lB~ ' ! n 7 > 0; 0; h I:A | 
9;9;{({x:C};9)}h\y.M:\A^\B ~° ' 0;0;0h/:b4 " , 
0;0;{({x:C};0)}h(\y.M)/:! J B ~* E] 

where A = a —o a and I = \x.x. Reasonably, (\y.M)I could be reduced to M{ 7 / y }, corresponding to: 

n A/{ i /y} > x : C; 0; h M{'/ y } :B xe FV(M) 

0;0;{({x:C};0)}hM{Vy}:!B ' 

with an illegal application of our current rule !. 

The formal counterpart. All the above observations imply what follows. 

Lemma 3 (Substitution property.) Let N be a value of A v , and x,x\,...,x n belong to FV(M). 

1. If Hm l> Fm,x : L; Am>£m I - M : B, and Iljv t> T^; An]£n l~ N : L, then there exists H m ^n > 
T M ,T N ; A M ,A N ;£ M U £ N h M{ N / X }:B such that: 

(a) d(n M p />} ) = max{d(n M ),d(riiv)}; 

(6) Wjpjf^^j) = w d (II M ) + Wd(IIjv), /or every d > 0; 

fcj s (n M{ « /x} ) < s (n M ) + s (iiy),- 

(WJ Sd(n M {^/ e }) = Sd(n A /) + s d (IIjv), for every d > 1. 

2. 7/TIm > rif;AM,i : A;£m h M : B, and II > Tn;An',£n ^ : $A, f/ien f/zere exists IL m jn /\ > 
Ta/, Tjv! Ajh, Ajv; £m LI f jv ^ M{ / x } '■ B such that: 

(a) d(II M{ iv /x} ) = max{d(IIj l /),d(n A r)}; 

(b) w d (n M{ N /x} ) = w d (U M ) + Wd(IIjv), for every d > 0; 

(c) s (n M{ iv /x} ) = s (n M ),- 

(d) Sd(U M { N / x }) < s<j(IIm) + Sd(IIiv), for every d > 1. 

3. //n M > r M ; Ai/^M^eM,^: ^};0) I" M:B, andH N > 0;0;£at h TV : $ A w/f/1 £jv C {(9jv;fl)}, f/zen 
there exists Tm> Am; ^m, {(9m; 0)} LI £m V~ M{ / x } : B such that: 

(a) d(n M{N/x} ) = max{d(IIjtf),d(ILy)}; 

(b) w d (II M{ jv /x} ) = W d (II M ) + w d (U N ), for every d > 0; 

(c) s (II M{ iv /x }) = s (II A /); 

(d) s rf (n M{ N /x }) < Sd(n M ) +Sd(IIjv), far every d > 1. 

4. Let n M t> T M ;A M :£ M , (<D;x : A) \- M : B, no(x,M) = 1, and H N > T N ;A N ;£ N h iV : !A, with £ N C 
{(0iv; y : C)}. r/ie«, f/iere exz'sfs r A f , Tat; Am, Ajv; <?m LI £^ h M{ / x } -B such that: 

(a) d(n M {« /x} ) = max{d(n M ),d(ITv)}; 

(») w d (n M {iv/ x }) < Wd(IlM), for every < d < 1; 

(c) s (n M{ » /i} ) = So(IIm); 

(d) s rf (IlM{« /x }) < Sd(IlAf) +Sd(IIjv ), for every d > 1. 
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5. Let II M >r M ; A M ;£ M , (l;i:i)hM:6, no(x,M) > 1, andU N >Y N ; A N ;£ N h N:\A, with £ N C {(0;y: 
C)}. TTzen, f/zere exwfs Tm, Tjv; Am, Ajv5 £ m LI £jy h M{ / x} '■ B such that: 

(a) d(n M{ « /i} ) = max{d(n M ),d(n w )}; 

(b) w d (n M{ iv/ x j) < w d (Jl M )forO <d<l; 
225 (c) So(n M{ jv /aj} ) = so(n M ); 

frfj s^IIjup/,,}) < s d (n A /) + no(x,A/)s d (njv),/orevery^ > !• 

The lemma above can be proved by induction on the derivation 11^/, using Lemma 2. 

As a first observation, let us look at point 5 of Lemma 3 here above. It says that the width at level and 1 cannot 
increase. The reason are the requirements on TV which must be a value with a !-modal type and with at most a single 
230 free variable. This means that the deduction that gives the type to N can contain instances of the rules C,—° E,—° E\, 
and — • E — those which may increase the width — only at levels at least 2. On the other side, point 4 of Lemma 3 
says that when a polynomial variable occurs free only once in M we can relax a little bit the conditions on N: it must 
still be a value with a !-modal type, but it may depend on more than a single variable. 

The subject reduction above suggests how to restrict the /3-reduction on the A-terms so that those ones which are 
235 typeable by WALT enjoy the subject reduction. 

Definition 3.1 (Rewriting A.) • Generic rewriting relation. The relation -t m CA 2 is the contextual closure of 
the rewriting relation ►CA 2 , such that (\x.M)N ► M{ N / x } if, and only if: 

either no(x, M) = (1) 
or no(x, M) = 1 and N € Av (2) 
or no(x, M) > 1 and N £ A v , FV(N) C {y}, for some y (3) 

— >J is the transitive closure of—> w , while — >* is the reflexive and transitive closure of~^ w . M is in -^ w -normal 
form, and we write nf (M), if—* w cannot rewrite M anymore. 

• Rewriting relation by depth. Assume IT > T; A; £ h M : A. Let M —> w N by means of the reduction of a redex 
(\x.P)Q ~^> w P{® / x). If (\x.P)Q is at depth d in II, then we write M — -> w N. M is in -^> w -normal form at 
240 depth d, and we write nfd(M), — -* w cannot rewrite M anymore. 

Subject reduction. We prove the subject reduction (Theorem 1 below) in two steps. First we show that it holds at 
depth 0. Then, we extend the result to any depth, observing that depth d > 0, of any deduction II is, in fact, the depth 
of every subdeduction of II whose conclusion is at depth d. 

Lemma 4 (Subject reduction at depth 0.) Let us assume (\x.M)N be at depthO inll(\ x .m)n^'i A; £ \~ (\x.M)N: 
245 A. If(\x.M)N -> w M{ N / X }, then there exists YV M {« /„} > T; A; £ h M { N / x } : A such that: 

1. d(II M{ iv /x} ) < d(U { \ x , M)N ); 

2. w d (H M{ N /x} ) < w d (II(\ x . M )jv), with d < 1; 
3- s o(n M {«/ x }) < So(n ( -y a .. M )j V ); 

4. Sd(II M {Ar/ x }) < s d (IT(\ x . M )jv) +no(x, M)sd(IIjv), for every d > 1. 
250 The lemma can be proved proceeding by cases on the definition of — > w , using Lemma 3. 

Theorem 1 (Subject reduction.) Let us assume Hm > T; A; £ h M : A. Let us assume also M — -* w N by means of 
the reduction of a redex (\x.P)Q -^> w P{® / x } at depth d < d(IlM) in TIm- Then, there exists II n > T; A; £ h N : A 
such that: 

1. d(IlAr) < d(IIjvf ), namely the reduction cannot increase the global depth. 
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255 2. Wj(IIjv) < Wi(IlAf), for every < i < d + 1, namely the reduction cannot increase the width at depth 
0,l,...,d+l. 

5. Sj(IIjv) = Si (Iljvf), /or every < i < d, namely the reduction cannot alter the size at depth 0, 1, . . . , d — 1. 

4. Sd(IIjv) < Sd(IIjvf), namely the reduction strictly consumes structure at the depth it occurs. 

5. Si(IIjv) < Sj(IIm) + no(x, P) Sj(IlQ), /or every d < i < d(IlM), namely the reduction may increase the 
260 dimension at depth d + 1, d + 2, . . . , d(IIjv/) dm? nof foo much. The bound is given by the partial size ofHq and 

by the number of occurrences of x in P. 

It can be proved proceeding by induction on Hm, using Lemma 4. 



4 Polytime soundness 

We want to prove that WALT is poly-time strongly normalizing, mixing ideas, observations and terminology from 
265 [Asp98, TerOl, AR02, MNM02, Ter07]. We first prove the poly-time weak normalization by showing the existence 
of a canonical strategy, composed by normalization rounds at a given depth, that normalizes every deduction Hm in a 
time which is bounded by a polynomial in the dimension of Hm. Then, the poly-time strong normalization follows by 
showing that the canonical strategy is the worst one. 

4.1 Weak polytime soundness 

270 Rounds at level d. Given a deduction II m > T; A; £ h M : A, a round at level d < d(IIjvf) from M to N n is a 

sequence M = Nq — -* w Ni — -* w ■ ■ ■ — N n _\ — -* w N n of reduction of redexes, for some n > 0, abbreviated 

as M ~> N n . A complete round from M is every round such that nf ( j(A r „). Notice that the rounds from M to N n are 
not unique since every Ni may have many redexes at level d that we can reduce in any order. 

Corollary 1 (Behavior of every round.) Let Hm \> Y; A; £ h M : A be given. 
275 1. There is at least one complete round M ~> N n from M. 

2. Every complete round M ~* N n from Ad is such that n < Sd(IIjvf). Namely, the complete rounds from M are 
strongly normalizing in, at most, S^Um) steps. 

3. For every complete round M N n from M, the derivation IIjv n is identical to Hm, at every level i < d — 1. 
Namely, nothing changes in Hm in the course of the round at the levels 0, 1, . . . , d — 1. 

280 Corollary 1 follows from Theorem 1 which proves that a normalization step at level d in Hm, that corresponds to the 
reduction of a redex, strictly shrinks the dimension at that level, while preserving the structure at 0, 1, . . . , d — 1. 

Canonical strategy. Given a deduction IIm t> T; A; £ h M : A, a canonical strategy from M to Nd is a sequence 

M = N N x "vf . . . ^ Nd~i ~* of complete rounds, abbreviated as i\/ ==> A'rf. Notice that we say "a 
canonical" instead of "the canonical" because the complete rounds that define any canonical strategy are not unique. 
285 A complete canonical strategy from M is every canonical strategy such that ni(Nd). Beware that we do not require 
nf d (N d ) only, but the full nf(N d ). 

Corollary 2 (Behavior of a canonical strategy.) Let H M > T; A; £ h M : A be given. 

1. In every canonical strategy M = Nq iVi ~i> ■ • ■ d -~^ N d -i d ~~^ N d from M, for every < i < d, we have 
nfj(ATj) with < j < i. Namely, every H^, with < i < d, is normal at level 0, 1, . . . ,i — 1. 

290 2. There is at least one complete canonical strategy M °^ = ^ 1 N d from M. 
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3. Every complete canonical strategy M =^=> N^from M is such that d < d(IIj^) + 1. Namely, every complete 
strategy from M is strongly normalizing in, at most, d(Iljv/ ) + 1 complete rounds. 

Corollary 2 is a consequence of Corollary 1 which says that every complete round terminates, and of Theorem 1, which 
assures that the maximal depth of IIm cannot increase as the normalization proceeds. 
295 How to get the polynomial bound. Let us assume both that LTjv/ > T; A; £ h M : A and that we shall be able to 
prove the following proposition: 

i— 1 

Proposition 1 (Bounding the size of the result of every complete round.) Every complete round iVj-i Nifrom 
iVj_x, with < i < d — 1, implies jlljVj | < p^_i(|IIjVj_ 1 1), where W fl polynomial of maximal degree d(pi-\). 

Theorem 2 (Bounding the result size of any complete canonical strategy.) Let M = N °' : ==> N d ( M )+i be a 
300 complete canonical strategy from M. Then |IIjv d(M)+1 | <p(|IIm|), such that d(p) = Ili=o M @(Pi)- 
To prove it, we observe that, from Proposition 1: 

|njv d(A;)+1 | < Pd(M)(|njv d(M) |), |njv d(M) | <p d( A/)-i(|n J v d(M) _ 1 |),...,|n JV2 | <pi(\n Nl \),\n Nl \ <p (\n No \) 

which implies |IIjv d(M)+1 1 < Pd(M)(Pd(M)-i(- ■ •Pi(Po(|n M -|)) ■ ■ ■))> where: 

d(n M ) 

9(Pd(M)(Pd(M)-l(---Pl(P0(|IlAf|)}...))) = n 9(Pi) • 

i=0 

Corollary 3 (The normalization of WALT is poly-step.) There is a k such that ILm normalizes in a number of steps 

which is o(|n M | fcd(nM) ). 

To prove it, let k be the maximal of the values among d(po), . . . , d(pd(n M )) of Theorem 2. Then, the number of 
redexes we have to reduce in the course of the complete canonical strategy is bounded by: 

d (nju) fe d ( n M ) |fc d < n JU> + i , n +1 

E inMf < E in-r = ' A l , ! e o (fc ^>) , u Sing - • 

i = i=0 1 1 i=0 

305 Theorem 3 (Weak poly-time normalization.) Every IIm normalizes in a time bounded by a polynomial in |IIj\/|, 
whose degree depends on cI(IIm)- 

To prove it, we use Corollary 3 and the known fact that a single /3-reduction of standard A-calculus, of which — > w is a 
special case, can be implemented by a Turing machine with a quadratic overhead in the dimension of the term being 
reduced [Asp98, TerOl, Ter07]. 

310 4.1.1 Proving Proposition 1. 

Essentially we have to prove two facts. One is that every normalization step does not produce too many copies of the 
deductions that need to be replicated. The other fact is that the deductions of WALT, forming them a subsystem of 
System F, are essentially acyclic. We start focusing on the first property. 

Corollary 4 (Subject reduction iterated by a round.) Let us assume ILm > T; A; £ h M :A. Let us assume also that 
315 in a given round M = No > w N± — > w ■ ■ ■ — > w 

— 1 * W 

N n , for some n > 0, every step Nj — > w Nj + i, 
with < j < n — 1, rewrites a redex (\x.Pj)Qj — -+ w Pj{Q j / x }. Then, Hn„ t> T; A; £ h N n : A is such that: 

1. d(njvj <d(n M ). 

2. Wj(IIjv„) < Wj (n^f), for every < i < d+1. 
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3. Sj(IIjv n ) = Sj(IIjvf), for every < i < d. 

320 4. s^IIatJ < s d (U M ). 

5. Si(IIjv„) < Si(IIjvf) + w d+ i(n A/ )(X;"r 1 Si{H Qj )), for every d < i < d(n M ). 

All its points follow by applying Theorem 1 on every step of the round. We develop some details of point 5. The- 
orem 1, applied to every (\x.Pj)Qj — -+ w Pj{®j / x }, with < j < n — 1, implies Sj(IIjj. +1 ) < Sj(IIjv<) + 
no(x, Pj) s i {JlQ ] ) < Si(Tl Nj ) + w d+1 (U N:i ) s^IIq^ ), for every d < i < d(U M ), because, by definition, no(x, Pj) < 
Wd+i(HNj )■ So, point 2 here above implies: 

71 — 1 n—1 

Si(ITv„) < Sj(IIiv ) + Wd + i(IIj\r,,.)si(IlQ 7 .) < Si(rijv ) +w d+ i(Iliv ) ^s^IIqJ . 

3=0 3=0 

Now, let us assume we shall be able to prove: 

Proposition 2 (Bounding the size of the substituted arguments.) Let us suppose the assumptions of Corollary 4 hold. 
Then, S"=o s i( n Qj) ^ s i ( n itf), for every d <i < d(n M )- 

Proposition 1 is directly implied by Corollary 4 and Proposition 2 by assuming that M = N ~> N n is complete and 
observing: 

s i(Hjv„) < Si(rijv ) + w d+1 (n No ) Si(n No ) < Sj(iijv ) + Si(njv ) 2 < 2\u No \ 2 , 

325 where the two terms M, N n in the round M = No ~» N n here above coincide to Ni—i, Ni, respectively, of Proposi- 
tion 1. Consequently, we get Theorem 3 about the weak poly-time normalization of WALT. 

4.1.2 Proving Proposition 2. 

This amounts to check the absence of cycles. For doing this, we trace how the copies of the same deduction compose 
in the course of a normalization. The main tool for tracing are the substitution traces, or simply, traces. They record 
330 how we compose (sub-)deductions that conclude by a modal rule as the normalization proceeds. We are interested to 
them since they determine the size growth at the levels deeper than the one a normalization step takes place. 

(Substitution) traces. Every (substitution) trace is a set of sequences of deductions of WALT, defined as fol- 
lows. The empty set of sequences is a trace. For every I1m(!) > T, A,£ h M :\A the singleton {t$(rjjvf(!))} 
is a trace, <f> containing the single polynomial variable in Dom(£) n FV(M), if any. Otherwise, $ is 0. For ev- 
ery n^/($) t> T, A,£ h M : $A, the set l+J^g jr{t{a;} (IIa/ ($))}, is a trace, where T is the set of polynomial vari- 
ables in Dom(£) n FV(Af), if any. Otherwise, the trace is a singleton {t0 (IIjv^ ($))}. Finally, for any T' ,T" , let 
*i = W:re.7 r 'u.7 r "{t{x}(np 1 x > • • • > IIp« )} and = {t$(IlQ 1 , . . . , IIq^)} be traces. Then, we obtain a trace by plug- 
ging ti (on top of some of the sequences) in t±: 

( |+) {t*(n Pf ,...,np^,n Ql ,...,n Q j})a( |+J {t {w} (n P y,...,n J ,» > )}) . 

Intuition about traces and initial traces, introduced here below. Initial traces can be thought of as traces assigned 
to a deduction we want to normalize. Those which are not initial can be thought of as built stepwise and associated to 
the deductions as far as the normalization proceeds. 
335 Assigning (initial) traces to a deduction. Let ITj/ > V; A; £ h M : A. An assignment of traces to Hm is a map 
ffl(Ilj\f) = lj np XI j M {ta(Hp )} such that, for every subdeduction Hp a (R) oTo; Ao;£o I - Po:Pof IIm, ta(Ilp (R)) 
yields a trace, as follows: 

1. ta(U Pa (R)) = {^(ITp^np,,. . . ,n Pm )} for some m > 0, if R =!, B =\A Q , and 

• for every 1 < i < m — 1, P, is a value, and IIp 4 (!) \> Tf, A,; £i, {(0; X{ :Ai)} h P, : !Aj_x; 
340 • n Pm (!) > r m ; A rn ; £ m U {(0; $ rn )} h P m : L4 m _i. 
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2. ta(n Po (R)) = (yf =1 {t$ m .(np ,n Pil ,...,np im J})W(y| =1 {t 4 ,(npJ}),forsoniep,g> 0,ni,...,np > 1, 
if P = $, B = $A , and 

. n Po ($) > r ; A ; £ , (0; x° 11 :A 1 ),..., (0; x? ni : Ax), (0; x° pl : A p ), . . . , (0; x£„ p :A p ) h P : $A; 

• for every 1 < i < p, and mi, . . . , to p > 1: 

345 - all the variables xu , . . . , Xi nj are contracted to the same variable Xi in IIm ; 

- P im , is a value, and II Pm . (!) > T imt ; A imi ; £ imi U{(0;$ m< )} hP im< : !A im< _i; 

- A 4 = A ?;o ; 

- for every 1 < j < m 4 - 1, P M is a value, and n Pij (!) > ; A„ ; % , { (0; y^ : Aij ) } h P^ : lA^-i; 

• if we say that {z%, . . . , z q } is the set of all the polynomial variables in Dom(£ ) H FV(Po), namely the set 
350 such that {zi, . . . , z q }r\{x\ ll . . . , x\ ni , x pl , . . . , Xp„ p } = 0, then, for every 1 < j < q, $^ contains 

the single polynomial variable Zj in Dom(£o) H FV(Po), if any. Otherwise, there is a unique $j = 0. 

3. to(II Po (P)) =0 if P £{$,!}. 

The assignment ta(ITM) is initial, if m = in clause 1, and p = in clause 2. Namely, every initial assignment 
assigns at least {t0(II Po )} to ?a(II Po (P)), with P 6 {$, !}. Moreover, n Pil , . . . , n Pm . in the definition of fa(II Po ($)) 
355 represent deductions whose subject is a value, with a modal type, replaced for xu , . . . , Xi ni . 

As consequence, the following lemma shows that we can transform a trace assignment by means of the normal- 
ization steps. In particular, it says how a reduction step can modify the trace of a subdeduction that concludes by an 
instance of the rule $, or !. The trace is modified by plugging the trace, associated to the deduction, which is argument 
of the /3-redex, on top of the modal rules occurring in the deduction which is the body of the function in the /3-redex. 

360 Lemma 5 (Stepwise transformation of trace assignments.) Let Hm d> T; A;£ h M : A, and fa(IIj\/) be an as- 
signment of traces to IIm- Also, let us suppose that, for some < d < cI(IIm)» M — -* w N by means of 

(\x.P)Q — -+ w P{Q ' j ' x }, where no(x, P) > 1, IIq > Tq; Aq; £q h Q :\A, and fa(IlAf) is such that, for Hq ^ ILm, 
we have fa(ng) = {t$ (Hq 1 , . . . , IlQ m )}. The reduction step induces ta{Y\isi) from fa(IIjv/) as follows: 

1. ta(Tl N ) contains ta(Jlp, { Q{y/ z} / v} ) = {t{ y } (IT Pl il Pn , U Ql H-Q m {v / z })}, for every IL P , (!) ^ Tl M 
365 such that: (i) fa(IIj\/) contains fa(llp(!)) = {tj y }(n Pl , . . . , II Pn )}, (ii) y is contracted to x in 1T P by occur- 
rences of the rules C,—° E, — o Pi,— • E, and (Hi) $q = {z}. Otherwise, if (f>g = 0, then ta(TLpirQi i) = 

{t (n Pl ,...,n P „,n Ql ...,n Qm )}. 

2. ta(n N ) contains ta(n pi{Q{ *i /xi} .„{Ql*™/*}/ Xm }) = ^(WiliO^}^., . . . ,n P ^,n Ql . . . , n Qm{ * l/j} )}), 
/or every n P /($) ^.Um such that: (i) ta(n^/) contains ta(Hpi($)) = S l±l (l+J™ 1 {t{ a . i }(IIpi, . . . ,II P i )}), f//j 

370 f/ze variables X\ , . . . , x m are contracted to x in ITm fey occurrences of the rules C, — o E, — o E\ , — • P, a«t/ ( Hi) 

4>q = {z},/oriome m > 1 anc/ ni, . . . , n TO > 1. Otherwise, if^Q = 0, we /zave that ta (Tip > i \..jq i x \) = 

s w (l±J.™ i{t (n Pf , . . . , n PAi , n 0l . . . , n Qm )». 

ta(ilAr) is identical to ta(JlM) everywhere else. 

To prove Lemma 5 we start observing that Q must be a value. Lemma 2, point 8, implies that the last rule of IIq is 
375 an instance of !. So, X is a polynomial variable in n P . In relation to x, Lemma 2, point 7, implies the existence of 
n > 1 subdeductions of II P , namely of ITm, such that, for some q%, . . . , q n > 0, wi (II P ) > q% + . . . + q n > no(x, P), 
and, for every 1 < fc < n, (P fc ) > T fc ; A fe ; 5 fcj (0f ; : A), . . . , (6^ ; a;^ : A) h P fc : C fc , with R k e {A, $, !}, 
is a subdeduction II P . Namely, every 1T P ^ introduces , ■ ■ ■ , x k qk that will be contracted to x. Let K. be the maximal 
subset of {1, . . . , n} such that, for every k 6 K, Rk G {$, !}• The points 4 and 5 of Lemma 3 imply that we can build 
380 the derivations II k x fc (Rk) of II at. Now, if R k =!, then qk = 1 and we define 

1 Ik 

ta(Yl } ^ ^ ^(0) as m P om t 1 here above, by identifying y with x\. Otherwise, if Rk = $, we define 

ta(H k ,1- )($) as in point 2 by identifying every xi, x m with xf, x* . 

1 «fe 
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Theorem 4 (Nature of the elements of the sequences in a trace.) Let U M > V; A; E \- M : A with ta(U M ) initial. 
Also, let M = No — -* w . . . — -* w N m be a round, for some m > 0. For every Hp ^ IIjv m ." 

385 1. Every element of every sequence in to(IIp) is a subdeduction o/TIjv . 

2. Every pair of deductions IIq/ , IIq// that occur in a given sequence ofta(Hp) are distinct subdeductions q/TIjv - 

To prove the first point here above we proceed by induction on m. If m = 0, the statement holds by definition of 
(initial) trace. If m > 0, then the statement holds by Lemma 5 where the step iV ro _i — -+ w N m defines ta(IIv m ) using 
the trace of to(ILy m _i ) which, by induction, contains subdeductions of njv - 

390 For the second point, let us suppose ta(IIjv m ) contained a sequence of subdeductions of IItvo in which the two 
occurrences IIq/, IIq// are, in fact, the same occurrence IIq such that IIq ^ IIjv . This means that, in the course 
of the normalization, we have a sequence IIq = Hq () ,Hq 1 . . . |IIg TO _ 1 ,IlQ m = IIq, with m > 0, such that the 
conclusion of IIq; is plugged into an assumption of Hq^, for every 1 < i < m. This would mean to have a cycle in 
the normalization procedure, contradicting Fact 1, saying that WALT is a subsystem of System F, which is strongly 

395 normalizing. 

Proposition 2 as a corollary of Theorem 4 and Corollary 1. Let us assume that the hypothesis of Theorem 4 

hold, M = Nq ~i N m being a complete round. For every lip such that both Hp ^ ITv m and to (lip) ^ 0, we can 
say that every sequence t$ (Hp 1 , . . . , IIp n ) that belongs to to (lip ) only contains distinct instances of subdeductions of 
IIjv , thanks to the two points of Theorem 4. Moreover, m < Sd(IIv ) thanks to Corollary 1. This, by the definition 
400 of partial size implies Y^jLi s i(Hpj) ^ s d(njv )> f° r every d <i< d(IIv ), which is the statement of Proposition 2. 
So, Theorem 3 holds and WALT is weakly poly-time normalizable, at least. 



4.2 Strong polytime soundness 

Our goal is to see that every normalization strategy which is not canonical cannot be worst in terms of the number 
of steps it can perform. We assume to have some IIjv , and we observe the differences between the complete round 

Nq ~> N m and any other reduction sequence defined as follows as a perturbation of the round: 

No >mi ^Vl *w ■ ■ ■ >ui Ni *w Ni+l — *w ■ ■ ■ — >w N m 

ld+1 

N' — i N' N' 

We call perturbation step at level d + 1 of the complete round Nq N m the step J.<j+i> it stands for a single step 

Ni -^4 N- that reduces a redex (\x.P)Q -^f w P{ Q / X } which we may assume be in some II ^ IIjv, ■ Theorem 1 
405 implies that the perturbation step at d + 1 does not modify the size at depth d. Both IljVj and II N i coincide ad level 
d, and it is correct to keep reducing N[ to N' m in the same number of steps we need from Ni to N m . However, the 

perturbation produces Sd+i(IIjv') < Sd+^ILvJ. The consequence is that, given the two complete rounds N m d -^> N ni , 

and N' m % 1 N' n2 , we have m > ri2- In particular, if none of the rewriting steps in Ni ~» N m , or in JV t - ^ N' m , 
produces copies of IIjv", which would mean to replicate (\x.P)Q, then n\ = n<2, + 1. Indeed, reducing (\x.P)Q as a 

410 perturbation of Nq — ► N m implies that we do not have to reduce it in the course of N' m ^ N' n2 . Otherwise, if we do 

not perturbate N Q ~> N n , we shall reduce (\x.P)Q in the course of N m -i* N ni , increasing n\ exactly by one step, 

as compared to n^. If, on the contrary, at least one of the rewriting steps in Ni ~> N m replicates 11^//, so generating 

many copies of (\x.P)Q, then n\ = n-2 + k, with k > 1. It is enough to observe that N m d ~t> N ni will contain a step 

for every copy of (\x.P)Q, while these steps will not belong to N' m -i 1 N' n because it will aheady contain copies of 

415 P{ Q / X }- 

So every arbitrary sequence of perturbations, at any level, of any round in any canonical strategy reduces in 
advance redexes that, instead, would be first replicated, and then reduced, by the canonical strategy itself. So the 
canonical strategy is the worst one. 
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5 Quasi-linear safe recursion on notation (QISRN) 



We define the fragment QISRN of the Safe recursion on notation (SRN) that we shall be able to embed into WALT. 
Recall that QISRN is SRN where the composition scheme is restricted to linear safe arguments only. To introduce 
QISRN, we follow [BW96]. 

The signature of QISRN. Let Sqisrn = Ufc^gN^oisRN ^ e tne s ig nature °f QISRN. Sqisrn contains the base 
functions and it is closed under the schemes called linear safe composition and safe recursion. For every k, I G N, the 
base functions are the zero z k ' 1 G ^q\srn> tne successors Sq' 1 , sj' 1 , and the predecessor p ' 1 G E Q '|g RN , tne projection 
7T,- ' G 5]qisrN' W ^ m 1 < * < + Z, and the branching c 0,3 G £qi|rn- 

For every k, I, I', li, If G N, the linear safe composition is ° k li, i=1 "[f,gi,...,gy,hi,...,hii\ G Eqisrn 1 if 
/ e S QlSRN'5i: ■■■,9k' G s qisrN' and/l * G Sqisr N , with i G {1, . . . , Z'}, while the sa/e recursion is r fe+1 ' Z [5, /i , /ii] G 
s q!srn if 9 G QISRN M , and ft,,, G E^ +1 . 

Quasi-linear safe recursion on notation (QISRN). Let Vqisrn be a denumerable set of names of variables, 
disjoint from Eqisrn- QISRN is the set of Safe recursive functions on notation with quasi-linear safe arguments 
with signature Sq/SRN. or, simply Quasi-linear safe recursion. QISRN is such that Vqisrn C QISRN, and for every 
k, I G N, if / G S Q | SRN , and ti, . . . , tk, ui, . . . , ui G QISRN, then f(t\, . . . , ife, u\, . . . , u{) G QISRN. As usual, a 
term is closed if it does not contain variables of Vqisrn- 

Notations and terminology. x,y,z ... denote elements of Vqisrn- t,u,v ... denote elements of QISRN. For 
every / G E Q '| SRN , k and I are normal and safe arity of /, respectively. For every k, I G N, such that I — k > 1, tn..n 
denotes a non empty sequence tk, . . . , ti of I — k + 1 terms in SRN. tr^n (i), with k < i < I, denotes the element ti of 
t[ ki i]. 

An equational theory on QISRN. The definition of the equational theory exploits that every natural number n 
can be written, uniquely, as Y^jLo ^ m ~^ v m-j- So, assuming to abbreviate the base functions Sq :1 ,s° -1 as So,Si, 
respectively, we can follow [MO04] and say that is equivalent to z 0,0 , and n > 1 to s„ (. . . (s I/m _ 1 (si z ' )) . . .). 
Notice that we could have expressed n as Y^JLo ^ v 3' ^ ut our choice makes proofs simpler. Then, the equational theory 
is as follows. Zero is constantly equal to 0: z k ' l (xii ; k],X[k+i;k+i]) = for any k, I G N. The predecessor erases the 
most significant bit of any number greater than 0: for every i G {0, 1}, p 0,1 (0) = 0, and p°' 1 (s.i(y)) = y. We shall 
use p as an abbreviation of p ' 1 . The conditional has three arguments. If the first is zero, then the result is the second 
argument. Otherwise, it is the third one: for every i G {0, 1}, c 0,3 (0, yo, y\) = yo, and c 0,3 (si(j/), yo, y\) = y\. The 
projection chooses one argument, out of a given tuple, as a result: for every 1 < i < k + l, ir i ' (fn.y , af[ fc+1;fe+ /]) = x,. 
The linear composition uses the safe arguments linearly. This means that it splits the sequence of safe arguments into 
as many sub-sequences as required by the safe arity of every hi function, used to calculate the safe arguments of /: 



J k',i' 



[ft 9i, ■ ■ ■ t 9k', hi, . . . , hi'] (x[ 1 . k ],X[ k+1 . k+h ],X[ k+1+ i 1 . k+ i 1+ i 2 ], . . . ,£ [fc+1+ £</-i i .. fe+1+ ^i'_ i 

= / (9l(X[l;k])f ■,gk'(X[l;k]),hl(x'll;k],X[k+l;k+h])f ■ , h V (x" [1;k] , X^^l'-i i.. k+1+ ^' 1 4 ] )) ' 

The recursion iterates either the function ho, or hi, as many times as the length of its first argument. The choice 
between ho, and hi depends on the least significant digit of the first argument. The base of the iteration is a function g: 



fc+i,i 



r 



[g, h , hi}(0, x {1 . k] , x [k+1 . k+l] ) = ff(z[i ; fc],i[fc+i;fc+i]) 



T k+1 ' l [g,h ,h 1 ](s i (x),x [1 . k] ,x [k+1 . k+l] ) = hi{x,X[i- k ], X[ k+1;k+ i], r +1 ' [g, ho, hi](x, £ X[ k +i;k+i])) 
We notice once more that the recursion evaluates its safe arguments with no restrictions at all. 



440 6 Programming combinators in WALT 

To embed QISRN into WALT, inductively, we are going to program some combinators in WALT. They will represent 
the base functions, and both the composition and recursive schemes of QISRN. This requires to find the correct data- 
types that allow to capture the call-by-value nature that QISRN inherits from SRN, once SRN is taken as rewriting 
system, and not "only" as equational theory [BW96]. In particular, the recursive scheme will be implemented by 
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445 an iteration scheme in WALT, whose behavior will be intuitively illustrated before its formal definition is given in 
Subsection 6.3. 

6.1 Basic data-types in WALT 

We define a set of Data-types — (unary) strings, (binary) words, booleans, two kinds of tensors, and lists — whose 
canonical constructors can be typed in WALT. 
450 Notations and definitions. If X is any finite set, \X\ is its cardinality. % n A denotes $ • ■ • %A with n > oc- 
currences of $. An analogous meaning holds for \ n A. (— oJLj Ai) abbreviates A± — o ■ ■ ■ — o A n , while (— •™ =1 Ai) 
abbreviates A\ — • • • • — • A n . If useful, B shortens A — o B, for any A, B. Finally, the A-term identity \x.x is /. 

(Unary) Strings. We call Unary string, or simply strings, the terms identified as Church numerals, the reason 
being that the Church numerals are, generally, used to encode the integers N in unary notation. The type N of strings 
is N = Va.!(a — ° a) — ° $(a — o a) whose constructors have the standard form: 

= \fy.y 

m = \fy-(f{- '■(/?/)'■')) (m>l occurrences of /) 

The successor on the strings is the usual term, up to a /3-expansion: 

Ss = \nf.(\zx.f{zx)){nf) . 

First, Ss develops the iteration of n applied to /, and, then, it applies the fully unfolded iteration to x. The presence of 
a /3-expansion when a string is used to iterate some step function seems a kind of constant design property that WALT 
455 induces on the A-terms it gives a type to. 

Proposition 3 (Typing the strings.) Rules derivable in WALT: 

n > 

0; 0; h n:N 0; 0; h Ss:N -° N 



Proposition 4 (Dynamics of the successor on strings.) For every n e N, Ss n ^+ n+l. 

Tensors. We use the Tensors to represent tuples of A-terms. The tensor type symbol is used as follows 
®iL i A* = ^ a -((~°iLi Ai) — o a) — o a, with m > 1, and the type constructors coincide to the usual definition 
of tuples in the A-calculus: 

(Mi . . . M m ) = \z.z Mi ... Mm (m > 1) 

\(X1 . . . X m ).M = \w.U)(\xi . . . Xm.M) (m > 1) 



Proposition 5 (Typing the tensors.) Rules derivable in WALT: 

Yi; Ai;£i h Mi:Ai ... 
Ti . . . T m ; Ai . . . Am; Si U • • • U Em h (M u . . . , M m ) : ®" 1 A t ® 

T, xi : Ai , . . . , x m : A m ; A; £ h M : g 
r;A;£h\( a ;i... : r m ).M:((g)^ 1 Ai)^B ~" ® 

Proposition 6 (Dynamics of the tensors.) For every Mi . . . M m • • • x m ).M)(M\, . . . , M m ) — >+ 

(\xi...x m .M)M 1 ...M m . 

460 Booleans. We call Booleans the terms that, applied to a tuple, project out one its components. The type B m of a 
space of booleans with m elements is B m = Va.((££)"Lj a) —o a, with m > 1. The type constructor is a projection 
7r™ = \(xq . . . x m -i).Xi with m > 1, and < i < m — 1, defined on tensor tuples of terms. 
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Proposition 7 (Typing the booleans.) Rules derivable in WALT: 

n > 1 0<i<n-l 
0;0;0r-7r?:B„ 

Proposition 8 (Dynamics of the booleans.) For every n>l and < i < n — 1, 7rJ™ (Mo, . . . , Af m _i) — >+ Mj. 

(Binary) Words. We call Binary words, or simply words, the terms that allow to encode the integers N in binary 
notation. The type of the words is W = Va.!(a — o a) -^l(a — o a) —o $(a — o a). The canonical constructors ofW 
are: 

5 = \01y.y 

2 m + 2 m-l . J/m _ 1 + . . . + p . = = \Oly. Uo (. . . (v m _l(l ?/)■■■) (4) 

where m > and i/o<i<m-i S {0, 1}. In particular, observe that, for any n > 0, the least significant bit of 2n + v 
coincides to v, and that a word is a Church numeral built using the two successors names 0, and 1. Two combinators 
WsO, and Wsl that yield the successors of any word exist: 

Wsl = \n01.(\zy.l(zy))(n01) 

WsO = \n.MkC (\0l.(\zy.0(zy))(n01)) 

MkC = \n0l.(\z.\y.(\(x y) .y)(z(BWkCy)))(n(SWkC 0)(SMkCi 1)) 
BMK = \».(jrg,y> 

SMkCo == \x.\{pr).(\{p 1 p 2 ).{pi,P2(\x.x,x}r))(p{{TVo,iTo}, (7Ti,7r?))) 
SMkCi = \x.\{pr).{iri,xr) 

Wsl has the form we expect, namely it generalizes the form of the successor on strings. WsO uses MkC to erase every 
occurrence of the symbol to the right hand side of the most significant bit of a word, as in [MO04]. This allows to 
preserve the requirements on (4), where any n, with n ^ 0, must have 1 as its most significant bit. The words have a 
single predecessor: 

P = \n.\01.(\z^7Ti(z(BasePy)))(n(StepP0)(StepPl)) 
StepP ee \x\(uv) .(x,uv) 
BaseP EE \x.{\x.x, x) 

which is completely linear [Rov99, AR02]: all variable names occur once. Finally, it is also useful to define a term that 
discriminates words: 

B ee \n.\ab.\01.(\w.\z 1 z 2 .wno (zi, 2a))(n (\x.7T?) (\x.nf))(a0 1)(60 1) 
that, applied to three words, if the first one is 0, it gives the second one. Otherwise it yields the third word. 

Proposition 9 (Typing the words.) Rules derivable in WALT: 

n>0 M 6 {WsO, Wsl} 

0;0;0hW:W 0; 0; h M:W -o W 

M £ {SMkC ,SMkCi} 

0; 0; h MkC:W -o W 0; 0; h BMkC : a — o (B 2 ® a) 0; 0; h M:!(a -« a) -^!((B 2 ® a) -o (B 2 ® a)) 

0; 0; h P:W ^> W 0; 0; h BaseP:a -o ((a -« a) ® a) 
0; 0; h StepP : (a -« a) -« ((a -o a) ® a) -« ((a -o a) i a) 0;0;0hB:W^>W^W^W 
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Proposition 10 (Dynamics of combinators relative to the words.) For every n, a, b e N: 



Wsln->J 2n+ 1 (5) 

WsOU-^U (6) 

Ws0l^i2n (n > 0) 

P2n^if! (7) 
P2n + 1 W 

BUIS-^?! (8) 



B2n + iab — 6 (n > and i/n = then i = 1) 

(5) shifts (to the right) its argument and adds 1 as a new least significant digit. (6) right-shifts its argument, but the 
added digit is 0. (7) calculates the predecessor on a word, that amounts to erase the least significant bit. (8) chooses 
between two words, depending on the value of its first argument. 

Elementary tensors. We use the Elementary tensors to represent tuples of A-terms. The relative type is = 
Va.(— • 'j—iAi — • a) —o a, with m > 1, and the type constructors coincide to the usual definition of tuples in the 
A-calculus: 

(m > 1) (9) 
(m > 1) . 

Intuitively, the type of the variable z in (9) requires that every component Mj only depends on elementary discharged 
free names. 

Proposition 11 (Typing the elementary tensor.) Rules derivable in WALT: 

0;0;{(ei;0)}hMi:Ai ... 0; 0; {(9 m ; 0)} h M m : A m 
0;0;{(ei ! ... i e m ;0)}h({M lj ... J M ro }):O™iA i ° 

r;A;g,(9,a;i:Ai,...,a: m :^ m ;0) h M:B 
T;A;£,{(Q;<A)}h\{{x 1 ,...,x m }).M:(OZ 1 $A i )-oB 

Proposition 12 (Dynamics for the elementary tensor.) For every Mi , . . . , M m , 
(\({xi ■ ■ ■ x m }).M)({M 1} . . . , M m }) (\ Xl . . . x m .M) M x ... M m . 

Lists. We use L %A as the type of a list of elements of type $A, which is L $^4 = \/a.l($A-» a —o a) -o $(a —o a). 
Observe that the type is derived from the one Va.\(A — o a —o a) — o $(a —o a) we could expect. Our choice induces 
list constructors fruitfully usable in a call-by-value context, like WALT is. Also, we remark that $A is an argument of 
the arrow -• as consequence of the way the combinator L2C uses every element of a list. We shall see later on how 
L2C maps a list of elements to an (initial) configuration, to define an iterator in WALT. The canonical constructors of 
the lists are: 

nil = \cx.x 

[Mi , . . . , M m ) = \cx.c Mi (. . . (c M m x)...) (m > 1) . 

Proposition 13 (Typing the lists.) Rules derivable in WALT: 

0;0;£ihM i: $A £» C {(Oi;0)} ie{l,...,m} 

0; 0; h nil:L$A 0; 0; £i U . . . U S m h [Mi, . . . , M m ] : L $A 



({Mi . . . M m }) = \z.2 Mi . . . M m 

\({X1 . . . Km»M = W.W(\X1 . ..X m .M) 
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6.2 Core combinators 

The core combinators constitute an intermediate step that simplifies the definition of an iterator and of a composition 
475 in WALT. We start showing how we can embed the arguments and the result of terms into a suitable number of boxes. 
Since we have two kinds of implications, and we can transform the standard linear implication into an eager one, we 
have three kinds of embedding functors. 

Basic embedding. For every n > 1 the basic embedding is Eb n [M] = \x.Mx. Its purpose is to take a term M, 
representing a function with a single linear argument, and to transform it into a term that represents a function with a 
480 single eager argument. 

Linear embedding. For every n,p > 0, the linear embedding is E1"[M] = \xi . . . x v .M x\ . . . x p . 
Eager embedding. For every n,p,q> 0, the eager embedding is: 

Ee" 9 [M] = \vii ■ ■ ■ WpZl ...Zq. 

[\wi . . .Wp.Mwi . . .WpZi . . . z q )(Eb 1 [Coerce n ]ii>i) . . . (Eb 1 [Coerce™]w p ) . 

Proposition 14 (Typing the embeddings.) Rules derivable in WALT: 

0; 0; h M:L -o % m A m>0 n>l 0; 0; h i\f : (-°f =1 L l ) —° $ m A m,n,p>0 
T;A;£h Eb n [M] : VL $ m+n A T;A;£\- El%[Af] : (-of =1 $ n Li) -o % m+n A 

0;0;0hA/:(-. f =1 $W) (-. q j=1 % m Lj)-* % m A m>l n,p,q>0 
T;A;£\- Ee^.JM] : (-. f =1 $ n W) (-• ] =1 $ m+n L,) $ m+n A 

We observe that V, A, and £ in the rules that give type to both E1™[M], and Ee™ [M] can be not empty only if n > 1. 

Proposition 15 (Dynamics of the embeddings.) For every n,p,q > 0, and values Mi , . . . , M p , M[ , . . . , M' q : 

Eb [M] Mi MM! 
Elp [M] Mi . . . M p ->* M Mi ... M p 
Eep. 9 [M] Mi . . . M p M[ . . . M' q ->l M Mi . . . M p M[ . . . M' q . 

Coercion. The coerce function takes an instance of a binary word and reconstructs it inside a box. It is Coerce = 

\n.(\z.z0)(?iWsOWsl). To our purposes, Coerce must be iterated to reconstruct the given word into some given 
number of boxes: 

Coerce = \x.x 
Coerce 1 = Coerce 

Coerce m+1 = \x.ElJ [Coerce 171 ] (Coerce 1 x) (m > 1) 

Proposition 16 (Typing the coercions.) Rule derivable in WALT: 

m>0 

0; 0; h Coerce m : W -o $ m W 
485 Proposition 17 (Dynamics of the coercion.) For every m > 0, Coerce" 1 n — ►+ n. 
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So, Coerce™ is the identity on the given argument, but the type of the result changes, getting a modal type. 

Diagonals. Every diagonal replicates a word instance inside some boxes. The (standard) diagonal puts together 
the copies of the given input by means of a tensor. Every copy is generated from scratch, by iterating the successors on 
words. The parameter n indicates the number of copies to generate. For every n > 1, the result is one box deep: 

n 

V„ =\w. (\z.z (jj,...,B))(w (\(xi...X„)-(WsOx 1 ,...,WsOx„)) 

(\(asi . . . x„).(Wsl xi, . . . , Wsl x n ))) ■ 

We have a second version of diagonal, the elementary diagonal, that puts together the copies of the given input by 
means of an elementary tensor constructor. Every copy is generated from scratch, by iterating the successors on words. 
The parameter n indicates the number of copies to generate. For every m,n > 1, the result is contained into a single 
box, but every component of the elementary tensor, in the result, is m boxes deep: 

n 

'■ — N 

V™ = \to. (\z.z <{0, . . . ,0}»(w (\{{xi . . . x ?l }).({Eb m [WsO] xi, ... , Eb m [WsO] x„}» 

(\<{xi . . . x ?l }).({Eb m [Wsl] xi,..., Eb m [Wsl] x n }») . 

Proposition 18 (Typing the diagonals.) Rules derivable in WALT: 

n > 1 m > 1 n > 1 

0;0;0h V n :W^$((g)^ 1 W) 0; 0; h V™ : W ^> $(©?=! $" l W) 



Proposition 19 (Dynamics of the diagonals.) For every m, n> 1, both V„ a — ►+ (a, . . . , a), andV™ a - 
Recasting combinators. We define a term that maps any word into a string as long as the word: 

W2S = \nf.(\zy.z y) (n / /) . 

Another useful term maps a string to a list with as many copies of a given closed term as the string's length 
term is the first argument, while the string is its second one: 

S2L = \knc.(\zx.z (\/.x) I)(n(\lf.ck (I I))) . 



Proposition 20 (Typing the recasting combinators.) Rules derivable in WALT: 



hS2L:$ 2 A-«N^L$v4 



The will to type a term like S2L required to generalize the rule ! of LAL as in WALT. 

Proposition 21 (Dynamics of the recasting combinators.) For every m > and every closed value M: 



W2S0^+0 (10) 



W2S 2" 1 + 2™" 1 • u m -i + ■ ■ ■ + 2° • vo m + 1 {n £ {0, . . . , m - 1}) 

S2L Mm -»+ [M,...,M] (11) 



(10) transforms a word with m digits into a string of the same length. (1 1) builds a list as much long as the value of the 
second argument. The list contains copies of the first argument, which must be a closed term. 
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6.3 Iterators 



We shall define combinators to build an iterator scheme in WALT, the goal being the simulation of the recursive scheme 
in QISRN. We want to give some intuitions about how the iterator works. So, we assume to have a recursively defined 
function /(0, a) — g{a), and f(n,a) = h(n — l,a,f(n — l,a)), with n > 1. Then, we show how simulating its 
top-down recursive unfolding: 

f(n, a) = h(n — 1, a, f(n — 1, a)) = ... = h(n — 1, a, h(n — 2, a, . . . h(0, a, g(a)) . . .)) 

by a bottom-up reconstruction that iterates some transition functions on suitable configurations and pre-configurations. 
The reconstruction requires to assume H, G be the interpretations of h, g, respectively, in WALT. Moreover, for sim- 
plicity, we assume the unary strings n, a represent n, a in WALT. What we are going to say, though, keeps holding with 
/ of arbitrary arity and with words as its arguments, instead of strings. The main problem to reconstruct the unfolding 
above is the need to replicate a. To see how overcoming that problem, we start by assuming that, in WALT, we can 
develop sequences of computations like the following one: 

((Ga, , [<v^a] » (12) 

n + l n + l 

({Ga, <0, [T, ...,T|), (a, [a,..., a]))) -^t((H0a(Ga),^L, . . . ,T\,[a, . . . ,a])) (13) 

n n n n 

((H0a(Ga), (T, [2, ...,2]), (a, [a, . . . , a}}}) ^t((Hla(HQa(Ga)),^,...,T\,[a,...,a])} . . . (14) 

rl — 1 n — 1 n — 1 n — 1 

The right hand column contains configurations, the topmost being the initial one. The left hand column contains 
pre-configurations. Every pre-configuration comes from its preceding configuration by (i) separating head and tail of 
every list, and storing them as the two components of a same pair, (ii) only on the leftmost list, simultaneously to the 
separation, the successor is mapped on the tail. 

Every configuration, other than the initial one, is obtained from its preceding pre-configuration by the application 
of an instance of H to the first element of every pair, and to the first element of the whole pre-configuration, which 
accumulates the partial result of the bottom-up reconstruction. 

Everything works correctly if the formula $N $ m N $ m N, for some m, becomes the type of the term of WALT 
that represents /. Such a type says that / becomes a term of WALT that eagerly evaluates its two arguments. $N is the 
type of n, here representing a normal argument. $ m N is the type of both a, here representing a safe argument, and of 
the result. It is crucial that these two types coincide, otherwise we could not interpret any recursive scheme. We could 
obtain such a coincidence only by generating [a, . . . , a], in the initial configuration, using S2L above. The peculiarity 
of S2L is that, having $ 2 N — • N — o L $N, as its type, we can look at S2L as it was a kind of dereliction: one of the 
$-modalities in the type of its first argument is absorbed by the $ rule hidden in the structure of the resulting list. This 
behavior is obtained by making an essential use of the rule ! where a is an exponential assumption, namely a value that, 
eventually, the context will supply. The "disappearing" $ modality allows to implement the bottom-up reconstruction 
through a combinator c2c that takes a configuration at a given level and yields another one at the same level. 

Now, we move to the technical parts, where we set the relevant data-types. 

Configurations. For every k > 1, the type of the configurations is: 

C[$Ai . . . $A k ; $B] = Vqi . . . a k .(^ k l=1 \($A l a, -o a,)) ^> 

S(HU at) -o V 7 .(($B MU on) - 7) - 7)) 
such that {a>i, . . . , ay, 7}nFV(B) = 0. We shall use the following canonical instance of the type of the configurations: 

n + l s 

C[l + n; s; m] = C[$W . . . $W $ m W . . . $ m W; $ m W] 
for some given n, s > and m > 1, whose canonical realizers are given by the following scheme: 
{(r , [IT , . . . [nn, ■ ■ ■ , , ■ ■ ■ , [rani, ■ ■ ■ , f^nT] , [sTT, • • • , ITr] , ■ ■ ■ , [ST, ■ • • , = 
\d rfi ■ • ■ d„ei . . . e s .\w wi . . . w„zi . . . z s . 
\x.xf(d aT(- • • (dp a7w ) • • • )) 

(di mT(- • • (dinjjwi) •••))■■■ (d n n^(- ■ -_(d n n^w n ) • ■ • )) 
(eis!T(- ■ ■ (eiJTrZi) ■■■))... (e s s^"(- • • (e s s^z s ) • • ■ )) 
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Essentially, the scheme is a tuple whose first element is a word, and all the remaining elements are lists of words, all 
with the same length. 

Proposition 22 (Typing the configurations) Let n, s, r > 0, and m > 1. A rule derivable in WALT: 





0; 0; hl=:$W 


«£{!,•■ 


■,r} 






0; 0; hF:$ m W 










0; 0; hl=:$W 


<e{l,.. 


■,n}, j £ {1, ■ ■ 


•,r} 


515 


0; 0; hf=:$ m W 


i &{!,.. 


•,s}, j £{!,.. 


■,r} 



0;0;0h 

, [nn, • • • , ?M7] , ■ • • , [n„i, . . . , W^] 

, [Iff, . . . ,fi7], . . . , [Iff, . . . ,Ha\)) :C[1 + n;s;m] 



Final configurations. For every k > 1, the type of the final configurations is: 

FC[$Ai . . . $A k ; $B] = Vqi . . . a k 7.(-o^ =1 !($Ai -• a, -> a,)) -o 

$(HU at) - ($5 (-oti at) - 7) - 7) 

such that {ai, . . . , ak, 7} D PV(JB) = 0. The difference with the type of the configurations is the extrusion of the 
universal quantifier on 7. We shall use the following canonical instance of the type of the final configurations, for some 
given n, s > 0, and m > 1: 

n + l s 

FC[1 + n; s; m] = C[$W . . . $W $ m W . . . $ m W; $ m W] 

The canonical realizer of a final configuration has the same form as a canonical realizer of the configurations. The 
final configurations are introduced as a necessary step to extract, with the correct typing, the first component r of a 
configuration, that will represent the result of an iteration. 

pre-Configurations. For every k > 1, the type of the pre-configurations is: 

SC[m ...a k , 5; $Ai... $A k ; $B] = V 7 .(($B H- =1 T[cn, S; -° 7) -° 7) 

where: 

U[a, 5- $A] = ($A^a^a)^. ($A -o $A) -o $A ((5 ~o S) -o a) 
T[a, 5; $A] = V/3.((U[a, 5; $A] -q /3) -o y9) 

such that {ai, . . . , ak, <5, 7} D FV(f?) = 0. We shall use the following canonical instance of the type of the pre- 
configurations: 

l + n s 

SC[a . . . a n +s, 8; m] = SC[a . . . a n+s , 5; $W . . . $W, $ m W . . . $ m W; $ m W] 

for some n, s > and m > 1, Given r > 0, the realizers of the canoncal pre-configurations are given by the following 
scheme: 

<{ r, (oT, [of, . . . , 

{nn, [ni2, • • ■ , HirJ), • • • , (n n i, |n„2, • ■ ■ , rwj), 

(sTT, [sTf, ... , 1x7] ),..., (sJT, [Hf, ••• » C1...C = 

C?ii . . . tZir fi n i . . . (l nT 

en . . . ei r e s i . . . e sr 

WqIDi . . . u> n 2l . . • #s 

\x.a;F(V.tci M W {\f.ciW (• • . (c r a7™ ) . . •))) 

(\t.tdu Mi nil (\/.di2ni2(. . . (di r nT?iui) ■ • •))) ■ 1 ' (V-*d„i M„n7i (\/-dn2«^2(- ■ ■ (dnr^TOn) . . .))) 
(\i.ten iVi ail (\/.eiaSi3(. • ■ (ei r sT7zi) . . .))) • ■ ■ (\t.te sl N s s^l (\f.e s2 s&(- ■ ■ (e sr s^z s ) . . .))) 

up to any choices of the closed values Mi, with is {0, . . . , n}, and JVj, with j G {1, . . . , s}. Essentially, every realizer 
520 of a canonical pre-configuration is a tuple. The first element is a word, and all the others are pairs. Every pair contains 
a word and a list of words. All the lists in the same pre-configuration have the same length. 
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Proposition 23 (Typing the pre-configurations) Let n, s, r > 0, and m > 1. A rule derivable in WALT: 



0; 0; hl=:$W 


ie{i,.. 


•,r} 




0; 0; hF:$ m W 








0; 0; hW=:$W 


ie{l,.. 


■,n}, j G {1,. 


-,r} 


0; 0; h s-:$ m W 


i6{i,.. 


-,s}, j £ {1,.. 


•,r} 



Ci , . . . , c, : $ W — o a — o Q , 
dn, . . . , dir :$W —oai—oai, 

, d„i , . . . , d nr : $W — o a„ — o a n , 

en, . . . , ei r :$ m W -o a 1+n -o ai +n , 

, e s i , . . . , e sr : $ m W — o a s+n — o a s+n , 

wo :ao, wi :ai, . . . , w„ :a n , zi :ai+n, . . . , % :a s +n; 0; 
h {{r, (al, [if, . . . ,S7]), 

(nil, [ni2, • • • , ,)•■■, (Wff , [n n 2, ■ ■ ■ , n^] ) , 

(sir, [iff, ... ,W\ >,..., (sz, [Sf, ... » cl ... Cr 

rfll . . . C?i r ■ ■ ■ fi n i . . . G0 nr 

en . . . ei r • • • e s i . . . e st 

: SC[ao . . . a n +s, 5; m] 

Transition function. C2Ci +n:s [f 1 ] is a transition function that maps configurations to configurations. It composes the 
two combinators C2PCi+ n ;s[-F r ] and PC2Ci+ n;s [i r ']. The first produces a pre-configuration, from a given configuration, 
while the second goes in the opposite direction. F and F 1 are parameters that will be instantiated by combinators. 1 + n 
and s represent the normal and the safe arities, so pointing to the future use we shall make of the transition function 
to represent QISRN functions with normal and safe arguments. The definitions are here below, where BaC2PC and 
StC2PC, are a base and a step function, respectively, used to extract pairs on lists: 

C2Ci +n;s [F, F'] =\x.\d di . . . d n ei . . . e s . 

(\b.\wQW! . . . w n Zi . . . z s .PC2C 1+n - s [F'](bw Wi . . . W n Z\ . . . z s )) 
(C2PCi +n;s [.F] x do di . . . d n ei . . . e s ) 
StC2PC m [G] = \catx.x cEl?{G] a (\f.t (\cgal.c(g a)(l I))) 

BaC2PC m = \yx.x(\xy.y)ElT[I]^(\f.y) 

C2PCi +n;s [G] =\x.\dodi . . . <f n ei . . . e s . 

(\b.\woWi . . . w„z\ . . . z s .b (BaC2PC 1 Wo) 

(BaC2PC 1 wi)... (BaC2PC 1 w n ) 
(BaC2PC 1 Zi) . . . (BaC2PC 1 z s ) 

)(x (StC2PC 1 [G] d )(StC2PC 1 [J] di) . . . (StC2PC 1 [J] d„) 
(StC2PC m [J] ei) . . . (StC2PC m [/] e s )) 

PC2Ci +n;s [F'] = \i.i(\r((,(i . . . t n t\ . ..t' s .t' s (. . . (*i(t„(. . . (ti(t H)) . . .))) . . .)) 
where H = \dofonan . 

\difmin\ — \d n f n n n n„. 
\ei5ieis* \e s g s s s sl. 

\x.x (F' n ni...n n si...s s r) (nj /) (n* I)... (nj I) 

(s\l)...(stl) . 

C2PC uses lists as they were stacks: it pops the head of the stack, keeping head and tail in a pair. 

Proposition 24 (Typing the transition function) Let n, s > 0, and m > 1. Rules derivable in WALT: 

0; 0; h BaC2PC m :a T[a,<5;$ m W] 
0; 0; h G:W -o W 

0; 0; h StC2PC m [G] : ($ m W -o a a) -o $ m W -• T[a, S; $ m W] -o T[a, S; $ m W] 
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h C2PCi + n ;s [G] : C[l + n;s;m] -o (^ =0 !($W ° oli ° a,)) 
^H J n + s n+1 !($ m W^Q J ^a J )) 

-° $((-°"=o a -° (-°3in+i q j) ~° sc [ Q o • . .a n+s ,<5;m]) 
0; 0; |;hF': $W — • (-• ? = i$W) (-• f = i$ m W) -• $ m W -. $ m W 
0; h PC2Ci +n;s [F'] : SC[a . . . «n+s, 8; m] -o 

($ m W - (-oLo «0 - (-o]+ s n+1 a,) - 7 ) - 7 

h F:W -o W 

h F' : $W -• (-• , n = i$W) -• (-• Li$'™W) -• $ m W -• $ m W 



»;0; 



; h C2Ci +n;s [F, F'] : C[l + n; s; m] -° C[l + n; s; m] 



Proposition 25 (Dynamics of the transition function) Let n, s > 0, and m > 1. For every r, 

[IT, ... ,Sf], [nil, ■ ■ ■ ,^7], ■ ■ ■ , [n^T, ■ ■ ■ [sIT, ■ ■ ■ ,^T7], ■ ■ ■ , [^si, ■ ■ ■ ,^f], ?f -Fa? — a[, 
for some a' t , we have: 



when i £ {2, . . . , r}, 



C2PCi +n;s [F] ((r, [of, • • • ,a7|, [nn, . . . , mf], . • • , [nUi, . . . ,rw] (15) 

, [Sll , ■ ■ ■ , Sl r ] , • • • , [Ssl , ■ ■ ■ , Ssr] )} ►to 

\dodi . . . d n ei . . . e s .\w w i . . . ™ n 2i . . . z s - 

(((F, (gf, [a 2 , ...,0?]) 

, (nn, [ni2 , • • • ,n~iT]), . . . , (n n i, [n n 2, • • • ,Sff]) 

, (sTT, [Iff, ■ ■ ■ (§fi, [Iff, ■ • • ,lff]})) Cl ... 0r 

tZll . . . (il r tZ n l . . . d n r 

en . . . eir e s i . . . e sr 

motiii . . . w n zi . . . z s 

){ "%*..."%* 

til/ di / d„ / d„ I eij ei / e s / e s / 

/dll--- /air /dnl--- / dnr / qi • • ■ /^lr / e s l ■ • ■ /esr 

1D / ™n / =1 / Z S / 1 

/ TO • ■ ■ / TO„ I Zl ■ ■ ■ / Zsf 

Moreover, if we assume F' be such that F' a\ nTT . . . nTTf sn . . . s^T r — ►+ r', /or some r' , then, we also have the two 
following reduction sequences: 



\dodi . . . d„ei . . . es\woW\ . . . w„z\ ...z s . 

(PC2Cl + n;s [F'] ({¥, (If, [ff, - - - ,Sf]) 

, (nn, [ni2, ■ ■ • , nTTJ), ■ ■ ■ , (n„i, [n n 2, ■ • • , nT7[) 

, (sTT, [Iff, • • • ,fff]), ■ ■ ■ , (sIT, [Iff, ■ ■ ■ ,lf])» ci...c r 

dii . . . di t d n ± . . . d m 

en . . . eir e si . . . e sr 

I^O^l ■ ■ ■ t^n^l ■ ■ ■ Z 5 

){ ^/d ..-*>/« 

ill, dl / , d n/. dn / , ei/ ei / e s / e s / 

/an--- /di r /dnl--' / dnr / eil • ■ ■ /eir / e s l • - ■ / e sr 

U<0 / / -1 / / 1 + 

/ -TOO • ■ ■ / TO„ / Z\ ■ ■ ■ I Zs S ^TO 

((r', [If, . . . ,W\, [nTJ, . . . , nTT], • • • pnf, • • • ,W^7], [Iff, . . . ,lfT], . . . , [Iff, . . . 
C2Ci +n;s [F, F'] ((r, [ff, . . . ,S7], [nTT, • • • , wff], . . . , [nTT, • • • ,nfi7] 

, [Sll , • • • , Sir] , ■ • ■ , [Ssl , ■ • • , S sr ] )) > w 

{{r' , [a 2 , . . . , a' T ] , [ni2, - - - , nfr] , . . . , [n„2, ■ ■ ■ , nT7] , [Iff, ■ • • , iff] , . . . , [Iff, . . . , Iff] )) 



(16) 



(17) 



Iterator. Iti +n s [Fo, Fi, G] realizes a virtual machine that iterates two instances of the transition function starting 
from an initial configuration. One instance of the transition function depends on the term Fq, the other on Fx. The 
initial configuration is built using the term G. The choice about which transition function using depends on a copy of 
the first argument of the iterator, which is a word. A second copy is used by the iterator, through W2Ci +n:5 , to generate 
the initial configuration. In particular, W2Ci+ n;s exploits the term S2L that requires two assumptions: one of them is an 
elementary partially discharged one, namely it must be $-modal, and will correspond to one of the constant arguments 
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of the safe recursion scheme we shall simulate. Once the iteration stops, FC2W 1+n;5 reads the word, representing the 
result of the iteration, out of a final configuration. 

lti +n . s [F , Fi,G] =\n.\m ...rin. 

EeJ; l+n+s [H] (El J [V2] n) (El \ [Coerce 4 ] ni) . . . (Eli [Coerce 4 ] n n ) 

H being \tm . . . n„si . . . s s . 

t (\a6.(\zy.FC2W 1+n;s (C2FC 1+n;s (z (C2Ci +n;s [/, G] y))) 
)(a C2Ci +n;s [WsO, Fo] C2C 1+n;s [Wsl, Fi]) 
(W2Cl + n;s ni . . . n n si . . . s s 6)) 

W2Ci+ n ; S =\ni . . . n„Si . . . s s w. 

(\t.t(\k ki...k n hi...h s . 

L2Ci +n;s (S2L 5 (Ss (W2S fe ))) 

(S2Lm (Ss (W2Sfci))) . . . (S2L?i n (Ss (W2Sfc n ))) 
(S2Lsi (Ss (W2S/li))) . . . (S2Ls s (Ss (W2Sh s )))) 

)(Vl + n + sW) 

L2Ci+n; S =\ loh ■ ■ ■ LL+i ■ ■ ■ l„+ s -\dodi . . . d„ei . . . e s . 

(\b bi . . . b„ci . . . c s .\w wi . . . w„zi . . . «s. 
\x.xO (b w ){bi wi) . . . (b n w n ) (ci zi) . . . (c s z s ) 
) (£0 do)(li di) . . . (l„ d„)(l„+i ei) ... (L+s e s ) 

C2FCi +n;s =\c.\d . . . d n ei . . . e s . 

(\bwo . . . w„zi . . . Zs.bwo . . .w„ zi . . . z s )(cdo . . . d„ ei . . . e s ) 

FC2Wi +n ;s =\c.(\b.b 0— ■ Q(\rxa . . . x n+s .r))(c \xy.x ■ ■ ■ \xy.x) 

l+n+s l + n+s 

Proposition 26 (Typing the iterator) Let n, s > 0, and m > 1. Rules derivable in WALT: 



0; 0; h L2C n;s : (^ =0 L$W) -o (-o* j=1 L$ m W) -o C[l + n; s; m] 

/); 0; h W2C n;s : (-• Li$ 3 W) -. (-. J =1 $ m+2 W) -• W -o $C[1 + n; s; 1 
0; 0; h C2FCi +n;s : C[l + n; s; m] -o FC[1 + n; s; m] 



0;0;0hFC2Wi +n; s:FC[l + n;s;m] -o $ ra+1 W 
0;0;0 h G fc :$W -• (-• ? =1 $W) -• (-• 5 =1 $ m W) -• $ m W $ m W fee {0,1,2} 
0;0;0hIt 1+n , s [Go,Gi,G 2 ]:$W-. (-. U$W) (-• Li$ m+4 W) -. $ m+4 W 

Proposition 27 (Dynamics of the combinators for the iterator.) Let n, s, r, and m > 0. 

For every r, [a~T, . . . ,a7], [nil, . . . ,ffjf], . . . , [rf^f, . . . [iff, . . . ,fT7], ■ ■ ■ , [fli, ...,J^\we have: 



L2Ci +n ;s [01, ■ ■ ■ , Or] [nu, . . . , mT] ■ ■ ■ [rinT, . . . , n nr ] (18) 

[Sll , . . . , Sir] . . . [Ssl, ■ • ■ , ^srj 

((0, [IT, . . . ,W\, [nn, . . . , n57j, . . . , [n n i, . . . , rTn7], [Iff, . . . , Iff], . . . , [Iff, ■ • ■ , ST])} 

For every rTf , . . . , n^, . . . , s7, . . . , si we /lave: 

W2Ci +n ;s"T. • • J^sT- • • si" — >t (19) 
((0, [S, .. .,5], [nT, ■ ■• ,m], • • • , [n^, . . . ,n^], [If, . . . ,?f], . . . , [5J, . . .,5fJ}) 



where every list of the result has m + 2 elements whenever n can be written as 2"V TO + • • • + 2°^o. 
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For every r, [ai, . . . ,a r ], [n n , . . . ,n^\, [n~T, . . . ,n^\, [iTT, . . . ,s^\, {s~[, . . . ,1Q we have: 



C2FCi +n;s ({r , [oi , . . . , a,\ , [tin, . . . , njT] , • ■ • , [nni, • ■ ■ , n„7] 

, [si 1 , . . . , Sir] , . . . , [Ssl , . . . , Ssr] )) 

—►J {(r, |5i, • • • , a7] , [nu, . . . , W?\ , . . . , [n n i, . . . , WpT] , [sTT , ■ ■ ■ , fiT] , • ■ ■ , |s<&, ■ • ■ , 



(20) 



For every r, [ai, . . . ,a r ], [mi, . . . ,ni7|, . . . , [nUi, . . . [in, . . . ,sI7], . . . , [s^i, . . . ,s^] we We: 
FC2Wi +n;s <{r , [sf , • ■ ■ , W\, [nil, ■ • • , WfT] , ■ • ■ i [n"nT, ■ • • , n^f] , 

[iff, . . . ,ffr], . . . , [Si, . . . ,Sr])) — r 



(21) 



525 Proposition 28 (Dynamics of the iterator.) Let n , s > 0, a , n, nT, . . . , n^, sT, . . . , si be some words, Go , G\ , G2 be 
three closed typable terms, U\, . . .} be a denumerable set of metavariables to range over {0, 1}, [If]* be a notation 
for a list with I copies of the word x, for any x and i. 

Let G2 OnT . . . n^sT • • ■ slO rewrite to a word a, and let G± OnT . . . n^sT • ■ • si a rewrite to a word 
r[0, a, rii, . . . , n n , Si, . . . , s s ], and, for every to, i, such that m > 0, m — 1 > i > 0: 



'm-(i+l) 



Vm _j ni ... n n si ... s s r[m - (i + l),o, ni, . . . , n n , si, . . . , s s ] 



G,A Y. 2 

V j =° ) 

rewrite to a word r[m — i, a, n\, . . . , n n , s±, . . . , s s ]. Then: 

1. For every m, k, i, such that to > 0, fc > to + 1, m > i > 0, the following iterated application of the transition 
function: 

C2Ci +n;s [Wsi/i,G„J 

(C2Ci+n;s[Wsi/ i+ i,G„ i+1 ](. .. 

(C2C 1+n;s [Ws*, m , G„ m ]({5, [Sf, m", ■ ■ - , Pnf , m k ,---, • ■ ■)) 



rewrites to the configuration: 



[r[m - i, a, m, . . . , n„, si, . . . ,s s j, 



m — z 
J=0 



-. fc — (m — il — 1 



r==ifc-(m-»)-l [=|fc-(m-i)-l 



, • • • i L^sJ 



where Wsfj « WsO w/jen i/j = 0, a/it/ Wsz^ /s Wsl w/jen v$ = 1. 
2. 77ie iterator behaves as follows: 

Iti +n , s [Go, Gi, G2] OnT . . . n^sT . . . sj — >+ o 



Iti +n , s [Go, Gi, G 2 ] I ^ 2jVj J m . . . n n si . . . s s — r[m, a, m, . . . ,n n ,si, . . . , s s ] ^ 2^Vj / 

\3=0 / \j=0 j 



Point 1 of the proposition here above holds by induction on to — i. Point 2 holds proceeding by cases on the first 
argument of the iterator, applying its definition. If it is 0, then use the assumption on the behavior of Gi- Otherwise, it 
is enough to use the definition of the iterator, and Point 1 just proved. 



28 



6.4 Composition 

We shall define combinators that compose terms of WALT, the goal being the simulation of the composition of QISRN. 

Intuitively, the composition »jy^ i=1 5 ' [F, G\ , . . . , G n i ,Hi,..., H s i] applies the term F to the results of the applications 
of Gi, ... ,G r i , Hi, ... , H s i to their arguments. All the terms Hi, ... , H s i , that we call safe, can be thought of as 
functions with a coincident normal arity n, and with a safe arity Sj. Analogously, all the terms Hi, ... , H s i, that we 
call normal, can be thought of as functions only with normal arity n. The composition is meaningful since F is like 
a function with normal arity n', that equals the number of normal terms, and safe arity s', equal to the number of safe 
terms. Here it is the definition: 

%;y < = lS< [F,Gi, . . . ,G n r , Hi, . . . , H s i ] = 

\ni... "n-EejJin+EJ^ s . [G]Qill[Vl, +s ,] m) . . . (E^V^] n„) 

G =\({xu ■ ..x„>iyn ■ --Vs'i}) ■ ■ ■ \{{xi n ■ ..aVnJ/in . . . y s > n }).\wn . ..w lsi ™ sa . . . uv v - 

Ee^ 1 +s ,[F](G 1 x 11 ...x ln )...(G 

(Ee^^j [Hi] (El}[Coerce m_1 ] j/n) . . . (Eli [Coerce™ -1 ] yi n )wn . . . Wi Sl ) 

■ ■ ■ ( Ee ™n+v ^ s '] ( E1 i[ Coercem_1 ] Vs'i) ■ ■ ■ (ElJ[Coerce" i_1 ] y s ' n )w s n . . . UV V ) 

Proposition 29 (Typing the composition) Let n, s', s\, . . . , s s / > 0, and m > 1. A rule derivable in WALT: 

0; 0; h F:(-m ti$W) -• (-• 5 =1 $ m W) $ m W 

0; 0; h G, : (— ? =1 $W) . $ m W i € {1, . . . , n'} 

0;0;0 h Hj-.(-» n i=1 $W) -• (-. s ^ =1 $ m W) -. $ m W j € {l,...,s'} 

0; 0; h Si [F,Gi, . . . , G n ,,H t ,. . . , H s ,] 

:(-• LiSW) -• (-• £\= lSi $ 2m+1 W) $ 2m+1 w 

Proposition 30 (Dynamics of the composition) Let n , s' , si , . . . , s s < > 0, and nT, . . . , n^, sIT, . . . , sTTf . . . 
. . . ,s 5 ' i , . . . , s s ' Ssl , ~gi, . . . , g n i , hi, . . . ,h s i , f be some words. Let us assume: 

GinT.-.n^^tgi (1 < i < n) 

Hj m. . . n^sJT ■ ■ ■ Sj7~ — ^ hj (1 < i < s) . 

IfF7f[. ..g^hi . . . h s , ->■+ f, then • n Jj, i=1 S ' [F, Gi, . . . , G n >, H 1: . . . ,H S >]W[. . .n^,s^ . . . . . . 

■ ■ ■ s s'l ■ ■ ■ s s's s / y w /■ 

To prove it, we just apply the definitions. 

7 From QISRN to WALT 

Functions of QISRN into WALT. First, we define a map [ ]° from the signature Sqisrn to A: 

1. [z°-°]° = El J p], while [z fe < z ]° = \m ... n k si ... s/.[z '°]°, for every k, I such that k + I > 1. 

2. [s° 4 ]° = Eb^WsO]. 

3. [s?' 1 ] = Eb^Wsl]. 

4. [p - 1 ] = Eb^P]. 

5. [tt^' 1 ]° = \xi . . . Xk+i-Xi, with 1 < i < k + I. 
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6. [c 0i3 ]° = \xyz.Bxyz. 

7. Let 0; 0: h [/]° : (-• JjL^W) (-• f =1 S m W) $" l W, and 0; 0; h [ 9l }° : (-. f =1 $W) $ m -W, 

with i G {1, . . . , fc'}, and 0; 0; V [hj}° : (-• f =1 $W) (-• - 3 = i$" J W) $"'W, with j G {1, . . . , /'}. If 
p = max{m, mi , . . . , mfe' , n±, . . . , ny }, then 

[°fe'^' i=1 !< [/' 5i ' ■ ■ ■ ' Sfc' ' h i ' ■ ■ ■ > h '' 1] ° = 

[\xi . ..^.Ee^IL/lKElilCoerceP-™- 1 ] n) . . . (El\ [Coerce^™" 1 ] z v ) 

, \xi . . .x k .Ee p k ^ [[ 3l ]°](Eli[Coerce J> - mi - 1 ] an) . . . (El\ [Coerce^™ 1 - 1 ] a*) 

, . . . , \ X1 . ..x k .Ee P k -™»' [[.g fc ,]°](Ei;[Coerce p -'^'- 1 ] Xl ) . . . (ElJ [Coerce*-" 1 *' " X ] x k ) 

,\ Xl ... x k .Ee p k -^ [[ft 1 ]°](El}[Coerce p - ni - 1 ] xi) . . . (El^ [Coerce^" 1 - 1 ] x k ) 

,...,\xi. ..x k .Eel7* 1 ' [[A,,]°](Ell[Coerce , '- n «'- 1 ] xi) . . . (El{ [Coerce^"''- 1 ] x k )] . 

8. If 0; 0; h [fa] : $W (-• f =1 $W) (-• ^ =1 $ m 'W) $ m 'W $ m 'W, with i G {0,1}, and 
0; 0; h [g}° : (-• f =1 $W) (-• - =1 $ m W) -• $ m W, then: 

[r fc+1 'Wo,/i]]° =It 1+k ,i[F ,F u G\ , 

where G = Ee p k ~" l l+1 [\n m . . . n k si . . . sj r.[g]° m . . . n k si . . . sj], = Ee^™ i +1 [[/»]"], withp = max{m , 
mi, m}, and i G {0, 1}. 

Interpreting QISRN to WALT. Let 7Z be the set of environments, such that, every p G 7?. is a map from Vqisrn to N. 
Then, [ J is a map from a pair in (QISRN U Sqisrn) x to A, inductively defined on its first argument: 

Hp = IpO)]/> G Vq.srn) 

[0]p = [0]° 

Ifh = lf]° (/ G Sqisrn) 

[/(*!,..., tfc, Ml,..., Ul)] p = 

Ee^ ; 7" +1 - m [Ee " ; ^ i [[/l P ](El "-«[^i]p]) • ■ ■ (EIq^ [[**],])] 
(El ( r 91 [MpD • ■ ■ (Elo" 91 [N]p]) (/ G £*£ RN ) 
when u = max{m,pi, . . . ,Pk}, v = max{u — 1 + m, q\ . . . , q{\, and: 
h [/]„:(— ? = i$W) (-. J =i $ m W) $ m W 

H'«i:$ K W i6{l,...,*} 
hM P :$^W J6{1,...,I}. 

Otherwise, [ J is undefined. 

Weight of a term in QISRN. For proving the statement that formalizes how we can embed QISRN into WALT 
(Theorem 5 below) we need a notion of weight of a closed term in QISRN, which, essentially, gives a measure of its 
impredicativity. For every closed term t G QISRN U £qisrn> w g(^) is the weight oft, defined by induction on t. If t 
is one among zero, predecessor, successor, projection, and branching, then wg(t) = 0. Otherwise: 

k y''_ i- 1 
w g(°fc'/ _1 '[/>0i>-- ■ , 9k', hi,..., hi']) = 3max{wg(/),wg(gi), . . . , wg(ff fc ), wg(/ii), . . .,wg(hi), -} 

wg(r fc+1 ' ! [g,/i ,/li]) = 2max{wg(g),wg(/io),wg(/ii), -} 

wg(/(ti,.. • ■ = 2max{wg(/),wg(ti),. . . , wg(t fc ), wg(wi), • • . ,wg(tii), -} 

Theorem 5 (QISRN is a subsystem of WALT.) Lef k, I e N, / G ^q/srw t, *i, . . . , tfc, tti, . . - s u; ferms o/ 
Q/SRA/. 
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1. There is an m > 1 such that 0; 0; h [/]° : (-• f =1 $W) (-• ^ =1 $ m W) $ m W. 
2- lf(h,---,t k ,Ui,...,Ui)] p is defined, for every p. 

3. 0; 0; h [t] : $ m W m'ft m < wg(t). 

4. [n] — n, /or every n > 0. 

555 5. If fint, ...,n k ,s 1 ,...,si) = n, then [/(ni, . . . , n k , Si, . . . , sj)] -** 1, /or every rii , . . . , n*,, Si, . . . , s t E N. 

Point 1 is a direct consequence of the typing of the combinators of WALT that we use in the definition of [/]°. Point 2 
follows from point 1 here above and from the definition of [ ] . Point 3 holds by induction on t. Point 4 holds by 
induction on n. Point 5 holds by induction on /. Finally, by structural induction on t, we have: 

Corollary 5 (The embedding of QISRN into WALT is sound.) Let t g QISRN, and neN. If t = n, then {t} p ->■+ 
560 n, for every environment p. 

8 Conclusions and further work 

WALT is a type assignment for pure A-terms, typable in System F, that characterizes the class of poly-time computable 
functions. Its design principles relax the stratification of deductions of LLL, LAL, DLAL. The subject reduction holds 
for a suitable restriction of both call-by-name and call-by-value /3-reduction coherently with the idea that we can 

565 simulate a call-by-value poly-time sound rewriting system, like SRN is. A call-by-value behavior implies that WALT 
presents the typical aspects of the standard call-by-value A-calculus, that we can outline by a simple example. Let us 
assume to use the call-by-value rewriting step — >„ on System F — recall that (\x.M)N — ►„ M{ N / x } if AT is either a 
variable or a A-abstraction — . Then, we can write hsystem F \ fx.(\w.f w)(fx) :\/a.(a — > a) — > a — > a. Namely, we 
can give the type of the Church numerals to -^ t ,-normal forms not having the canonical form \fx.f(. . . (fx) . . .). But 

570 this is an intrinsic aspect of the call-by-value and WALT cannot escape it. The call-by-value nature of WALT is a further 
example that the call-by-value operational semantics has a role in the domain of Linear logic [PRR99, CDLRDR05]. 
Finally, future work might address, at least, the following subjects. 

Completeness of WALT with respect to SRN, or other systems like the tiered ones. The conjecture is that 
WALT is, in fact, SRN complete. We know from [DLMR04] how using an iterator to supply the same value to two 
575 distinct arguments of a given function. So, composing enough iterators in WALT to duplicate a safe argument, and 
"dispatching" the copies as needed, using a linear exchange combinator, looks a promising strategy to prove the SRN 
completeness of WALT. 

Generalizing the design principles of WALT. WALT is a generalization of some basic structural proof-theoretical 
principles. It is natural to ask if it is the larger system that extends such principles. In fact, preliminary investigations, 
580 say that there is room for further poly-time sound generalizations of WALT. 

Polynomial A-calculi. We think that the rewriting relation — that WALT induces on the A-terms deserves further 
study. The emphasis should be put on the A-terms M, typable in System F, that can be reduced to their normal form 
M' by some poly-time sound normalization strategy, based on the call-by-value, or call-by-name, /3-reduction. If M" 
is the normal form that we can get from M by using — how much does it cost to rewrite M" to M', by iterating the 
585 the call-by-name, or call-by-value, /3-reduction? 
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660 A Completeness 

We explicitly show that the poly-time completeness of WALT holds. Notice that this property must be explicitly 
proved because WALT does not exactly contain LAL as its subsystem. We shall represent and simulate poly-time 
Turing machines inside WALT: the depth of the derivation encoding the given machine will be constant, independently 
of the length of the representation of the tapes. We borrow and integrate ideas in [Rov99, AR02, MNM02] showing: 

665 Theorem 6 (Poly-time completeness.) For every poly-time Turing machine M with a set of states S, a tape alphabet 
S, a transition function 8, and a polynomial p k (x) of degree k, we can write a closed X-term M with type LS — o 
$ 4e+1 C such that M takes a list of type LS, that represents the input tape, and evaluates it to a configuration of type 

<C4e+l/-< 
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The configuration contains the encoding of the output tape, and e is the least value such that k < 2 e . M is the 
670 composition of two parts. The quantitative one is a term that represents p k (x). It calculates how long the simulation 
of M lasts. The qualitative part implements the transition function 5 of M as an iterable A-term. The quantitative and 
qualitative parts are put together so that the Church numeral, result of the quantitative part, iterates the qualitative one, 
starting from an initial configuration, that contains the representation of the input tape. Before proceeding, without 
loss of generality, we fix some simplifying assumption and convention on the poly-time Turing machines we shall 
675 represent. S contains the initial and the accepting states sq, and s a , respectively. £ contains at least the symbols false, 
true, and blank, identified as oi, o~2, 03, respectively. For any given M, 5 cannot leave s a , once entered it. Namely, 
p k (x) may overestimate the time required to yield the result. So, 5, besides the leftward move <= and the rightward 
move =>, can issue the stay-there "move" J| to the read head. Finally, we assume that M enters s a with its head on the 
leftmost symbol of the output portion of the tape, where, by "output portion", we mean the symbol under the head and 
680 all the symbols to its right hand side, up to the first blank. 

A.l Preliminaries 

Notations and definitions. If X is any finite set, \X\ is its cardinality. $"M denotes $■••$/! with n > occurrences 
of $. An analogous meaning holds for \ n A. (— o£_j A;) abbreviates A\ — ° • • • — o A n , while (— •|L 1 Aj) abbreviates 
A\ ■ ■ ■ — • A n . If useful, B A shortens A — o B, for any A, B. Finally, the A-term identity \x.x is /. 

Table 1 introduces and redefines some basic data-types we shall use to define the encoding of a given M. We 



Type name 


Type definition and canonical terms 


List of type A 


L A = Va/3.!(A -« (f3 -0 a) -0 a) -<= $(q -0 f3 -0 a) 
nil = \c.\x.\y.x 

[Mi,...,M m ] E\c.\x.\f/.cMi(---(\i/.cM m (\|,.i))---) m>l 


Alphabet 


£ = B| S | + i 

07 = tt] e|+1 1< i < |S| 

J_ = ^ 


State 


S = B| S | 

si = nf l < i < \S\ - 1 



Table 1: Basic data-types 

685 

redefine the structure of the lists to simplify their inductive manipulation in a call-by-value setting. The alphabet 
representation has the term a7 for every symbol ai G S, plus _L, that marks the left hand border of the represented 
tape, and T which marks the right hand border. This allows us to give a finite representation of the tape, and to extend 
it on-demand to the left, or to the right, when the read head reaches one of the two borders. Namely, our choice is 
690 different from [MNM02], where no border is explicitly used in the representation of the tape. There, the side effect is 
that every application of the representation of 5 to the representation of the tape extends this latter by one symbol per 
part. 

Lemma 6 (Typing Afphabet and State.) Recall that, for every < i < m — 1, 0; 0; I- tt" 1 : B m . The type ofWl and 
si are obvious, once instantiated m with |S| and |S|, respectively. 

695 Lemma 7 (Dynamics of Afphabet and State.) Recall that it™ (M , . . . , M m _i) — >+ Af,. An analogous behavior 
exists for Wl and ~sl, once replaced m by |S| + 1 and \S\, respectively. 

Table 2 introduces the Basic combinators useful to build the more complex terms of the qualitative and quantitative 
parts of M. Some of them have already been defined in previous sections. Any explicit reintroduction is justified by 
the attempt to improve the readability by means of a uniform naming of the combinators with similar behavior. Every 
700 successor takes an instance of some Basic data-types and yields its successor, whatever this means. Every coerce takes 



34 



Class 


Definition 


Successor 


NSucc = \mf.(\zx.f(zx))(mf) 
NSucc = \tfa:y}).(fEb 1 pNSuccl x.EbMNSuccl y}) 

<J Wl sJ/ \l L J" L 1 <j it 

LSucc[M] = \xy.LPush[M] x (y I) 

where LPush[M] = \xl.\c.(\yzw.c z(y w))(l c)(M x) 
LSucc [M,jV] = \xy.LPusii (s [M](Nx)((\{{z lZ 2}).({\y.z 1 ,\y.^}))(yI)) 
where LPush [M] = \({asi x 2 })\{{yi y 2 }}- 

({El^[LSucc[M]] xi yi,El^[LSucc[M]] x 2 y 2 }) 


Coerce 


SCoerce = \x.X {oo, ■ ■ ■ , 
NCoerce = \m.(\z.z 0)(m(\y. NSucc y)) 
LCoerce[M] = \l.(\z.z nil I) (I LSucc[M]) 
ItLCoerce^M] = LCoerce[M] 

ItLCoerce™ [M] = \x-.El}[ltLCoerce n_1 [A/]](LCoerce[M] x) n> 1 


Diagonal 


SV = \ar.a; {{o , <r ), . . . , (o]e|+i, 0]e|+i» 
EV = \x.x {{{cro,cro }>,.■-, ({o-|s|+i,o-|E|+i})) 
NV = \m.(\z.z ({O,O}))(mNSucc ) 
LV = \L(\.z.z({niI,nil})i)(ZLSucc [M,iV"]) 



Table 2: Basic combinators 



an instance of some Basic data-types and gives back the same instance inside some boxes. Every diagonal replicates 
the instance of some Basic data-types inside some boxes. 

Lemma 8 (Typing the Basic combinators.) Successor. 1. 0; 0; h NSucc : N ^> N. 

2. 0; 0; h NSucc Q : ($N $N) -0 (SN SN). 

3. Let 0; 0; h M : A -o $A Then, both 0; 0; h LPush[M] : A — o LA — o LA, and 0; 0; h LSucc[M] : 
A -o ( 7 t -o LA) LA 

4. Lef 0; 0; h M : A -o $A and 0; 0; h iV : A -° ($A $A). 77zen, rwf/z 0; 0; h LPush Q [M, AT] : 
(SA SA) -o (S( 7 7 -o LA) $( 7 t — o LA)) -o ($LA SLA), and 0; 0; h LSucc [M] : A -0 
(V -° ($LA $LA)) -o (SLA SLA). 

Coerce. 1. 0; 0; h £Coerce:£ -o $£. 

2. 0;0;0 h NCoerce :N -o $N. 

3. Lef 0; 0; h M:A — o $A. 77zen 0; 0; h LCoerce[M] :LA -o $LA. 

4. Let 0; 0; h M:A —o $A. Then 0; 0; h ItLCoerce" [M] : LA -° $"L A, /or every n > 1. 

Diagonal. 7. 0; 0; h SV : S -o (S S). 

2. 0; 0; h SV Q : S -o ($53 $£). 

3. 0; 0; h NV Q :N — o $($N $N). 

4. Lef 0; 0; h M : A -o $A and 0; 0; I- N : A -° ($A $A). Then 0; 0; h LV [M, TV] : LA -0 
$(SLA©$LA). 

Lemma 9 (Dynamics of the Basic combinators.) Successor. 1. NSucc n — K+ n + 1. 

2. NSucc© ({m,rl}) -►+ {{^TT,1TTT}). 

3. For every n > 0, /ef M P, LPush[M] P [Mi, . . . , M n ], and LSucc[M] P (\y.[Mi, . . . , M,J) fee typeable. 
For every y g |J"=i FV(MA M P ->+ P wip/ias LPush[M] P [Mi, . . . , M„] -►+ [P, M x , . . . , M„] and 
LSucc[M] P (\y.[M 1; . . . , M„]) ->+ [P, M u . . . , M n ]. 
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4. For every m, n > 0, and i,j £ {0, 1, 2}, Zef i« assume that M P it TV P it 

LPush s [M] {{Pi, Pi}) ({\y.[Mi, . . . , M ro ],\y.[7Vi, ■ 
LSuccq [M, TV] P ({ [Mi, ... , M m ] , [JVi, . . . , TV,,] }) 

be typeable. For every y (U"i FV(M,)) U (U"=i FV(JV,-)), */MP 
f/zen: 

LPush Q [M] ({Pi, P 2 }) {{\y-[Mi, M m },\y.[N l7 7V„]}) -++ 

({[Pi,Mi,...,M TO ],[P 2 ,TVi, 

LSucc [Af, TV] P \y.({[Mi, ■ • ■ , M m ], [TVi, . . . , TV„] }) -+ 

({[P 0! Mi,...,M ro ],[P 0! iVi, 

Coerce. 7. SCoerce M —>+ M, /or every M G {±,oT, ... T}. 
725 2. NCoercem — ►+ m, for every m > 0. 

3. For every m > 0, Tef LCoerce[Af] [Mi, . . . , M m ] be typeable. If M Mi — ►+ Ah, for every < i < to, 
then LCoerce[A/] [Mi, . . . , M m ] -►+ [Mi, . . . , M m ]. 

4. For every m > 0,n > 1, Zef ItLCoerce"[M] [Mi, ... , M TO ] oe typeable. If M Mi ->+ M i; /or every 
< i < to, f/zen ItLCoerce"[M] [Mi, ... , M m ] ->+ [Mi, . . . , M m ]. 

730 Diagonal. 1. SV M ->+ (M, M),for every M e {_L, oT, . . . , T}. 

2. SV Q M -f+ ({M, M}), /or every M 6 {J., ST, . . . ,5^, T}. 

3. NV© to — ({to, to}), /or every to > 0. 

4. For every < i < to, let us assume M, Mi, TV, Mj, a«c/ LVq[M, TV] [Mi, . . . , M m ] oe typeable. If 
M Mi -++ and TV M t -++ ({M< , M }}, rfeen L V Q [M, TV] [Mi, ... , M ro ] -++ ({ [Mi , . . . , M m ] , 
[Mi,...,M ro ]}). 

For proving the statement, we need to consider four cases for the class Successor. With NSucc proceed by induction 
on n. With NSucc Q prove that Eb 1 [NSucc] 77 — ►+ n + 1 by induction on n. With LPush[A/], and LSucc[A/] proceed 
by induction on n. With LPush [Af], and LSucc [M, TV] apply the definition and use the result on the dynamics of 
LSucc[M]. 

740 For the class Coerce we have fourcases. With SCoercejust apply the definition. With NCoerce and LCoerce[A/] 
proceed by induction on to. With LCoerce"[T\/] proceed by induction on n, using the previous case. 

For the class Diagonal we have three cases. With £ V just apply the definition. With NVq proceed by induction 
on to. With LV [M, TV] proceed by induction on to, using the previous points. 



. . , TV„]}) , and 

Pi and TV Pi -++ ({Pi, Pi}), 



■■.,JVn]}> 
■■.,JVn]}> 



A.2 Quantitative part 

745 The quantitative part requires to represent polynomials. Recall that, by assumption, if our poly-time Turing machine 
enters the accepting state a a , it never leaves it, even if the clock, bounded by a polynomial p k (x) = ^ i=0 kiX 1 , of 
degree k, keeps ticking. This observation, together with the assumptions x, k > 0, allows to simplify the form of the 
polynomials to represent. First, we observe that Yli=o ^i x% — x ^ 12i=o — ^x k < Kx 2 " , for the least e > such 
that k < 2 e , and for every big enough K. Second, we write a closed term p[e, K], with type $N — • $ 4e N, that applied 

750 to 77, yields Kn 2 " . So, the result of p[e, K] 77 will be the clock in the representation of the given Turing machine. 
Table 3 introduces p[e, Kj. 

Lemma 10 (Typing and dynamics.) 1. 0;0;0h+:N^N^>N and + 77777 — »+ to + n. 

2. 0; 0; h x :N -o $N -• $N and x 77777 77777. 

3. 0;0;0h x :($N0$ 2 N) -o $ 2 N and x Q 77777 ->•+ 77777. 
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p[e, K] and the combinators that define it 




+ = \mnf.(\wzx.w(z x))(m f)(n /) 
x = \mn.(\z.zO)(m(\y. + ny))) 
xo = \({mn}).(\z.zO)(m(\y. + ny)) 

Sq° = V.ElilxoKElJlV^^D.^^bMNCoercelzDKNVon)) 
Sq 1 = Eb^Sq ] 

Sq e = ^.E^ISq^^Eb^Coerce 4 ]!) (e > 1) 
p[e, K] = \x.(\xy. x xy)K(Sq e x) (e > 1) 


Table 3: Representing a polynomial with exponential exponent 



755 4. 0; 0; h Sq° :N — o $ 3 N and Sq° to ^+ m*. 

5. 0; 0; h Sq e : $N $ 4e N and Sq e to -*■+ mP \ for every e > 1. 

6. 0; 0; h p{e, K] : $N $ 4e N andp[e, K] to -►+ Km 2 ', for every e > 1. 

To prove it we apply the definitions in Table 3, and use Lemma 6, 7, 8, and 9. In particular, for typing Sq e , we 
inductively assume 0;0; h Sq 6 " 1 : $N $ 4 ( e_1 )N. Finally, it is necessary to show 0; 0; h \xy. x xy^^^N -o 

760 $ 4C N $ 4e N. 

A.3 Qualitative part 

Notations. Mr TO;n ] denotes a sequence M m , . . . , M„ of terms. If to > n, then Mr m;n i is empty, and we denote it by _ . 

The element of position to < i < n in Mr m .„i is Muy The quasi-Tapes are almost lists and are used as a convenient 
shortening of both the configurations and the quasi-configurations of Table 4. The definition of quasi-Tapes is: 

T[_;_;a:] = x 

T[c ( i ;ro] ;M[i ;m ];a;] = c w M w (\y.T[c [2;m y, M [2 - m y, x]) (m > 1) 

Configurations and quasi-Configurations of Table 4 are the data-types that we use to define 5, our encoding of 5. 
Every instance of Configuration represents the left hand side of the tape, the current state, and the right hand side of the 
tape, under the conventions in Table 1 on the representations of the states of S, by the terms of type S, and the symbols 
of S, by the terms of type S. For example, an initial configuration is: 

C[[±];flo;[5 [ i. m] ,T]] (22) 

where Ru\ = a%, for every 1 < i < m, 1 < fc < |S|, and to > 0. The left hand side of the tape is empty, so it 
contains only the symbol _L that marks its border. The right hand side, besides its right border T, is assumed to contain 
R\i- m ] the input tape of M. Observe that, if to = 0, then the represented tape is empty. In a few, we shall see that 

the condition "R(i) different from _L and T" has consequences in the definition of the look-up function that determines 
the moves and the tape symbols, written by the head in a configuration and which must determine when the left or the 
right hand side of the tapes in a configuration must be extended. Every instance of pre-Configuration is an intermediate 
step between two consecutive configurations, the second being obtained by applying the transition function to the first 
one. For example, let us assume that i?m = a 1 and that we need to simulate S(cr', so) = (=^, s, a). We must move 
rightward in the state s, writing a, once read Rm in (22). The resulting configuration would be: 

C[[a,±];s;[R [2 . m] ,T]] (23) 
Then, the quasi-configuration generated between (22) and (23) is 

p[(±,_);ao; <«(i), [fl[2; m ],T]>] (24) 

Namely, a quasi-configuration, besides the state, makes available the symbol under the head and the symbol to its 
immediate left. These two symbols and the state find in a look-up table the next move, state and symbol to be written. 
The definition of the look-up table must also define what to do when the read symbol, or the one immediately to its left 
765 are T or _L, respectively. 
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Type name 


Type definition and canonical terms 


Configuration 


C = Va/3.!(S -° (J3 13 -o a) -o a) -o 

$(tt — o q — o ((/3 s -o a) ® S 18 ( / 9' 3 -o a))) 
C[[L [1;m] , J_]; s; [%.„], T]] = \c.\lr.(\y.T[c ll . m+1] ; L^y _L; l],s, 

\y-T[c [1; „ + 1] ;fl [1 .„ ] ,T;r]> 
m, n > and cm — c for every 1 < i < max{m, n} + 1 


quasi-Configuration 


= £ 53 <g) a 
P = Vq0.!(S -o (/3 s -o a) -o a) -o 

$(ct o ex o ((/3 s -o V°) 18 S 18 (/a- 9 -o VJJ))) 
P[(i,[f [lim] ]); a; <ii, [%;»]]>] = \c.\lr. 

(\y.{L,F,T[<! [lim y,L llim y,t\) 
, s" 

,\9.(fl,F,l[L| 1; „ ]; %„];r])) 

m,n > 0,F e {\cht.t,\cht.cht} 

and c(j\ — c for every 1 < i < max{m, n} 



Table 4: Configurations and quasi-Configurations 



A.3.1 The look-up table 

The look-up table Ag, where c is the sequence of the free variables of the look-up table itself, must allow to define the 
transition function 5 as a coherent extension of 8 on T, _L. We have to think of using A^by applying to it, at time t, the 
symbol a l h under the head, the state s*, and the symbol a\ to the immediate left of the head. Namely, a\(s t (a t h Ag)) 

770 will occur in the definition of 8. The types of a\, s', at (Table 1) suggest that Ag be a tuple with |E| + 2 tuples, each 
containing \S\ tuples with |E| + 2 triples A<> s > a \ . Table 5 defines a A<> s << , for every combination of u^, s*, and 
of, depending on the value of 8(cr t h , s t ), which yields the move direction, the new character <r t+1 and the new state 
s t+1 . The first three rows of Table 5 define the triples on the tape symbols of S. The last row covers the case where 
the head of M, we are going to define, has passed the right hand border of the represented tape. This is meaningless 

775 from the point of view of both 8, which is undefined, and of the definition of the triples. So, we yield the conventional 
dummy value (/, ~s^, I). The three remaining clauses manage the situations where the head of M reaches one of the 
borders of the tape. These cases must be treated coherently with the definition of 8, suitably extending with the correct 
symbols the content of the represented tape. Given the triples, we can define Ag as in Table 6, whose proviso (*) reads 



< 


< 


6 










{I,s*+\\ty.c<T\{\y.J a*+H)) 






5(aLsVO = (^,<T t +V+ 1 ) 


(\ty.ca*+\\y.c' &ft),a*+\I) 


any 


any 


5(a* h ,S a ) = (J|,oi,Sa) 


{\ty.ca\t,s^, \ty.c' a* h t) 


1 


any 


5{a t h ,s t ^s a ) = {^,a t+ \s t+1 ) 


{\ty.c ± t, s*+\ \ty.c' oE{\y.c" a'+i t )) 
where 0-3 is the separator blank 


any 


T 




(\ty.ca*+i(\y.c' a*t),st+\\ty.c" Tt) 


any 


T 




(I, S t+\\ty.cai(\y.c' a t+1 (\y.c" T t))) 


T 


any 


undefined 


(1,^,1) 



Table 5: The triples elements of the look-up table 

as follows: cis the sequence containing the free variables of every A <J ' S ' ,J , for every combination of a, s, and a', given 
780 that, no(c, A <T ' S ' <T ) = 1, for every c £ FV(A cr,s ' cr ), and given that the set of the free variables of any two triples be 
disjoint. The idea is that a\ Ag extracts a "row" A CT <s from which s* A°fc gives a "column" A a h> st . Finally, a\ A* 7 *" 8 ' 
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yields the triple A^'"' ' a i . 



As and the combinators that define it 


A CT ' S = 


(A I ' s ' 1 ,A v ' ,r » 1 ..,A v '' , l !: lA' r ' s ' T ) with a 6 {_L,oT,... 


°"|s|,T} 




and s 6 {so , . . . , ~s\s 




A" = 


(A CT '^° , . . . , A CT -^T) with a 6 {±, ai, . . . 




As = 


(A 1 - , A^>, A^W, A T > with the proviso (*) 





Table 6: Representing the look-up table 



A.3.2 The transition map 

Table 7 defines the transition map as the composition of two terms C2P and P2C. The former maps a configuration, at 
785 time t, to a quasi-configuration. The latter goes in the opposite direction, yielding a new configuration, at time t + 1, 
starting from the quasi-configuration. C2P iterates the step function SC2P[c] on the two sides of the represented tape, 
starting from the base function BC2P[M, c]. Finally, A^c means that, in C2P, Ag is used substituting c for every of 
the free variables in x. 



5 and the combinators that define it 


BC2P[M, x] 


= (M,\cht.t,x) 


SC2P[c] 


= \eg.(\(h f t).(e, \cht.cht, fcht))(g I) 


C2P 


= \nc.(\zlr.z BC2P[±, I] BC2P[T, r])(n SC2P[c]) 


P2C 


= \nc. 




(\zlr. 




(\(xsy). 




(\(e l f t I ).\(e p /*****). 




(\{h l s h r ).(h l (\y.t'), s, h r (\y.t r )))(e l (s(e h A 3{ « /g} ))) 




){*i)(yi) 




){zlr) 




)(nc) 


5 


= \c.P2C(C2Pc) 



Table 7: Representing the transition map 



Lemma 11 (Typing and dynamics.) 1. to:£, x:a; 0; h BC2P[w, x] : Vg. 
790 2. c:S -o {$P -o a) -o a;0;0 h SC2P[c]:S -o (/3 13 -o V|) -o V|. 

3. 0;0;0 h C2P : C -« P, and C2PC[[£ [1;m] ]; s; [R {1 . n] ]} -►+ p[(L (1) , [L [2;ro] ]}; s; <i? (1) , [%,„]])], /or every 
to, n > 1. 

4. 0;0^0 h P2C:P — C, fl« £ /P2CP[(i, [L {1 . m] ]):s: (R, [i? [1;n] ]>] -+ 
c [[-^'[i;m'],i[2;m]]; s'5 [R' [l-n'], R[2;n]]l far everym, n > 1, ioffie to', v! > Oands'. 

795 5. 0;0;0 h J : C -o C, and <J C[[L[i ;m ], JL];s; [-%,„], T]] -►+ C[[L / [i ;m /],L[ 2;m ]];s / ; [i?'[i ; „/],ii[2 ;n ]]], /or every 
to, n > 1, iome to', n' > anrf s'. 
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Proof. The typing of BC2P[w, x] is simple. The key judgments to type SC2P[c] are: 

g:P f3 ^ V£;0;0h ff I:V£ 

c:E -o (fJ 13 -o a) -o a,e:£;0;0 h \(hft).(e,\cht.cht,fcht):Vp -o V£ 
/:U^,c:S -o -o a) -o a, h : S, t : a; 0; h /eft*: a 

The key judgments to type C2P are: 

n:C;0; {(0;c:S ^> (/j" -o a) -o a)} h n SC2P[c] : $(V^ -o V£ -o ((/?" -o V|) ® S ® -o V£))) 
0;0;0h \2Zr.z BC2P[_L,«]BC2P[T,r]: $(V£ -o -o ((/?" -o V£) ® S ® -o V£))) -o 

$(a -o a -° ((^ ^Vj")«S0 -o V£))) 

For the dynamics, just apply the definitions. 
The key judgments to type P2C are: 

r, e l : S, s : S, e h : £; 0; h e ! (s(e h A s )) : {tfP -o a) -o Z?' 3 -° a) <g> S ® -ho a) -° Z?' 3 -o a) 
i ! :a,t h :a;0;0 h \<ft ! s h r ).{h l (\y.t l ), s, h r {\y.t r )) : 

(((/3" -o a) -o 0" -o a) ® S ® ((/?" _ a ) -o -o a)) -o 

(^-o a )gS8(^-o«)) 

n:P; 0; {(0; c: E -o -o a) -o a)} h nc:$(a -o a -o ((/^ -o V|) S ® -« V?))) 

2 : a -o a -o ((/3" -* V|) ® S ® (/j" -o V|)), i : a, r : a; 0; h z I r : (/J' 3 -o V|) ® S ® (0? -o Vg) 

where : X — o (/J/ 3 — o a) — ° a G T, for every it^ £ FV(A^). For the dynamics just apply the definitions, and 
observe that m',n' may vary, depending on the direction move of the head. Finally, the typing of 5. It is a trivial 
composition of the typing above, and for its dynamics just apply the definitions. □ 



A.4 Encoding of a poly-time Turing machine 

Table 8 defines the term M that represents the poly-time Turing machine M. M requires to duplicate its input x, that 



M and the combinators that define it 


L2C 


= \lc.(\zlr.{\y.c±(\y.l),sE,z(cT(\y.r))})(lc) 


L2N 


= \lf.(\zx.zxl)(l(\et.f(tl))) 


M 


= \x.Eli[\{{2 p ,2 c }).M Zp , Zc ](LVo[SCoerce,SV Q ]x) 




= (\xy.(\i l.(\z.z (L2C l)){i~Sj)x y) (p[e, K\ (Eb 1 [L2N] z v )) (Eb 1 [1] ItLCoerce 4e [ECoerce] z c ) 



Table 8: Representing the Turing machine 

represents a given input tape of M. LVofSCoerce, SVq] duplicates the instance of x. p[e, K] (Eb 1 [1]L2N z p ) is 
in charge of using the copy z p of x to obtain the length of the computation, represented as a Church numeral n, for 
80s some n. The second copy z c of x, once embedded into a suitable number of $-boxes, is transformed into an initial 
configuration, by L2C. Finally, n iterates the transition function 5, and the result is applied to the initial configuration. 

Lemma 12 (Typing and Dynamics.) 1. 0; 0; h L2C : LS -o C and L2C [<?[i ;n ]] -*•+ 
C[[±];so; \ff[i-n] , T]], for every n > 0. 

2. 0; 0; h L2N:LS -o N and L2N [<?[i ;n ]] n, for every n > 0. 

bio 3. 0; 0; h M : LS -o $ 4e+1 C and M fi[i ;n ]] ->£ ^[W 1 [i-,p]: M'>^a> \^[i-,q], TD> for every n > 0, and some 
sequences cr Z [ 1;p ] , cr r \i- q ], with p, q > 0. 
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For the proof, the key judgments to type L2C are: 

0; 0; {(0; {ci :S -o {f -o a) -o a, Cr : S -o (f -o a) -o a})} h 
\zlr.{\y.ci ±(\y.l),so,z(cr T(\y.r))) : 

$(a -c -o a) -o $( Q -o a -o ((/3" -o a) ® S ® -o a))) 
Z:LS;0;{(0;c':S -o -o a) -o a)} h Zc':$(a -o /? /3 -o a) 

The key judgments to type L2N are: 

0;0;0 h \2x-.2x-/:$(a -o -o a) -° $(a -o a) 
Z:LS;0;{(0;/:a -o q)} h l(\et.f(tl)) : $(a -o -o a) 

The key judgments to type M are: 

0;0;0 h \a-y.(V;.(\2.^(L2C0)(i5))x-y:$ 4e N-. $ 4e+1 LS -o $ 4e+1 C 

0; 0; {(z c : LS; 0)} h Eb 1 [ltLCoerce 4e [SCoerce]] z c : $ 4e+1 LS 

0; 0; {{z p : LS; 0)} h p[e, A'] (Eb 1 [L2N] z p ) : $ 4e N 

a; : LS; 0; h LV [SCoerce, SV ] x : $($LS $LS) 

For the dynamics, just apply the definitions. 

So, using the initial assumptions on the poly-time Turing machines we want to simulate, and consistently extending 
S to both _L, and T by S, and applying Lemma 12, we can state: 

TfM, applied to the input tape 3\\ ]n ], for some n > 0, produces the output portion 0"'r 1;p i of the tape, then 
M [ct [i ;n ]] simulates it. Namely, M[ct[i ; „]] evaluates to C[[cr[i ;TO ], _L]; s^; p^[i ;p ], & r [i;q] , T]], /or some 
sequences cr* [i ;rrt ] , o" r [i ;g ], vWf/z m,p, g > 0. 
which implies Theorem 6. 



B Details about the proofs 

Proof of Lemma 2 (Structural properties) 

Point 7 of Lemma 2. We proceed by structural induction on IT, which can be written as Hm(R)- The base cases 
occur with R G {A, $, !}, n = 1, and qi = 0. We focus on the inductive steps, starting with Um being 

n M{ */ z */ a }(C, II' M ) t> T; A; £ U {(9 Z , 9 y ; h M{*/. */„} : B. 

1. Let us call £ y the set £ U {(9 y ; y : A)}. By induction on IT M > T; A; £ y , (Q z ; z : A) h M : B, there 
are n > 1 and qx, . . . , q n > such that wi(n^ f ) > qi + . . ■ + q n and: (i) M can be written as 

M'{*/ Z i_ z i z? _ z n } for some M'\ (ii) for every 1 < i < n, there is LTf (i?,) > Tf ; Af ; 6"?, {(91; zf : 

A)},...,{(9*.;^ : -4)} l~ = Cf. subdeduction of U.' M , with i?., e {A,$, !}, that introduce z\ : 
A, . . . , zi. : A; (iii) g>i + . . . + q n — 1 instances of C,—oE,—oE\,—» E in the tree with the conclusion of 

U' M as root and the conclusions of every LTf as leaves, are required to contract z\ . . . z* z™ . . . z™^ 

to z. 

2. Now, let us call £ z the set £ U {(9 Z ; z : A)}, and, proceed again by induction on H' M that we see as 

n' M , Wl 1 n n } >T;A;£ z ,(O y ;y:A)\- M'{*/ zl _ zl }: B. There are m > 1, and 

Pi, ■■■,Pn > such that wi(n M / {i/ii ^ } ) > pi + ■ ■ ■ + p m and: (i) M'{ z / Z i_ z i a?...«j n } can 

be written as M"{ z / Z i z i z «... z « }{ y /yJ...yi y^...y m 1' f° r some Af"> (ii) f° r every 1 < j < m, 
there is n*^) > Tf, A^E*, {(B{;Jj : A)}, . . {(S|. ; ^ : A)} h P? : C|, subdeduction of n M , with 
i?j G {A, $, !}, that introduce y{:A,...,y 3 p .:A\ (iii) pi + • ■ • +p m — 1 instances of C, — ° E, — o E\ , — • E 
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in the tree with the conclusion of n' M ,^ i , as root and the conclusions of every ITj as 

leaves, are required to contract y\ . . . y^ y" 1 . . . y™ m to y. 

So, we have n+m subdeductions of II M {i/ z x / } in which we can count q\ + . . .+q n —l+p\+, . .+p m — 1 + 1 = 
qi + . . . + q n + Px + . . . + p m — 1 instances of C,—oE,—oE\,—» E in the tree, say r, with the conclusion of 

H-m{*/ z */ v }iP) as root anc l me conclusions of all II|s, and IT^s as leaves that contract z\ . . . z™ . . . 

to z, y\. ..y^ yT ■■■ V™ m to and z > V to x - Tne reason why ^ + . . . + q n + p x + . . . + p m < 

wi(II^) follows from the definition of width at depth 1 that, applied to II j\/ counts at least the occurrences of 
C, —° E, — o E\, — • E in r here above. The resulting value cannot exceed the total number of instances of 
C,—oE,^E\, E at depth 1. 

With IIpq(— o E) and ITpq(^ E<) we can proceed analogously. All the other cases, IIpq(— • E) included, 
routinely apply the induction. 

Point 8 of Lemma 2. As a first case, let M be x. Assuming that Re {—°E,—°E\,—» E,—°I,—°I$,—oL,—» I}, 
contradicts the hypothesis that the subject of the conclusion of II be x. Assuming that R G {VI, $} contradicts 
the hypothesis that the type of x be \A. So, R can be A. However, it cannot be of the form r, x : I A; A; £ h x : I A 
because, by definition, illegal. So, R can only be one among !, C, and VE. If R is !, then II(!) is: 

r>:A;0;{(e';0)} hx:A 

{i:A}urceu$ 

6 / Dom($) n FV(x) = {x} 
r';A;{($e';0)}U{(e;s:A)} <r x:\A ' 

Namely, x forcefully belongs to Dom(f). It follows that the presence of a single polynomial assumption ex- 
cludes that we can apply C below the given instance of the rule ! 

Only the case R = ME, is left, but we shall see that this is impossible. Indeed, by definition, the modality in 
front of A could not be introduced by the rule ME and it had to be present before the substitution on types takes 
place. Namely, we should be starting with: 

x:Ma.\B, T; A; £ h x:Ma.\B A 

which is an illegal instance of the axiom. 

As a second case, let M be \x.N. We observe that R e {A, —° E,—o E\,—» E} contradicts the hypothesis 
that the subject of the conclusion of II be \x.N. Moreover, assuming that Re {— o I, — o i$, — o 7] , — • 7, MI, $} 
contradicts the hypothesis that the type of \x.N be IA. So, R can only be one between !, C, and ME. If R is !, 
then IT(!) is: 

r';0;{(e';0)} h \x.N:A V C 9 U $ 9 / ^> Dom($) n FV(M) / 
r ; A; {($9'; 0)} U {(9; $)} h ! 
with FV(\a;.Ar) C Dom(r') C Dom(6) U Dom($). 

In the case R be equal to C, since the subject is a A-abstraction with type \A, the modality in front of A must be 
introduced by an instance of the rule ! that, given our assumptions, cannot be followed by any rule but a sequence 
of instances of the rule C. The situation can be summarized as follows: 

r';0;{(9';0)} h \x.N:A F' C 9 U $ 9 ^ Dom($) n FV(M) ^ 

r ; A; {($9'; 0)} U {(9; $)} h \^JVU4 ! 



But $ is either empty or a singleton, hence, the sequences of instances of C is empty. 

Only the case R = ME, is left, but we shall see that this is impossible. Indeed, by definition, the modality in 
front of A could not be introduced by the rule ME and it had to be present before the substitution on types takes 
place. Namely, the type of \x.N prior to the substitution would have form Ma.lB, for some B. But this would 
contradict the definition of the rule ME. 

To sum up, we can conclude that the only admissible conclusion is the rule !. 
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Point 9 of Lemma 2. Proceed in analogy to the proof of point 8 here above. 

Proof of Lemma 3 (Substitution property) 

860 Point 1 of Lemma 3. Notice that the hypothesis x G FV(M) excludes ITj/(i?), with R G {!, $}, since, in those cases, 
x FV(M). We detail out a couple of points, proceeding by induction on IT^/. 

As a first case, let ITj/ be such that XIm(A) > T x , x : L; A x ; £ x h x : L. Then, H x {n / \ coincides to 11^ D> 
r^, Tjv; A x , An;£ x U £n \~ N : L, which is obtained from Iljv, by Lemma 2, point 3. The same point of the 
same lemma implies the following statements. 

865 Subpoint la of Point 1 is d(H x rN i\) = d(n^y) = max{0, d(IIjv)} = 

max{d(IL J ), d(Il N )}. 

Subpoint lb of Point 1 is w^IL^w / \) = Wd(R' N ) = Wd(IIjv) = + Wd(II^r) 
= Wd(H x ) + Wd(IIjv-), for every d > 0. 

Subpoint lc of Point 1 is s (TI x{ n / ^) = s (n' w ) < 1 + s (ITv) = s {Il x ) +s (nAr). 

870 Subpoint Id of Point 1 is Sd(II x /N /\) = Sd(n^y-) = + Sd(IIv) = Sd(II x ) + Sd(ILy), for every 1 < d. 

As a second case let IIm be such that o E, Hp,Hq) > Tp,x : L,Tq;Ap, Aq;£p U £q h PQ : 

B. Either x G FV(Q), or x G FV(P). Let us assume x G FV(P), the other case being symmetric. By 
induction, there exists IIp^jv i\ \> Tp, Tjv; Ap, Ajv; £p LI £n h P{ N / x } : C — ° B, that we can use as a 
principal premise of an instance of — o E, whose secondary premise be YLq t> Tq; Aq;£q h Q : C. So, 

n (PQ){ iv /x} > r P , rjv, r Q; a p , a n , A Q; £ P u£ N u£ Q h- (pq){ n / x } ■. b. 

Subpoint la of Point lis d(H( P Q^N / i) = max{d(IIp{iv/ x }), w(IIq)} = max{d(IIp), d(IlAr), d(ng)} = 
max{d(IIpg), d(IlAr)}, using the inductive hypothesis. 

Subpoint lb of Point 1 requires two cases. The statement holds for 

wo(II(pQ^jvy x j) because w (n) = 0, for every II. It also holds with d = 1, since wi(U^ P q^n / i) = 
880 wi(IIp{jv i\) + wi(IIq) + 1 = wi(IIp) + wi(IIq) + wi(IlAr) + 1 = wi(IIpq) + wi(IIjv), using the inductive 

hypothesis. For every d > 1, it holds not counting the application. 

Subpoint lc of Point 1 is s (II(pq) { n /aj} ) = s (IIp{jv/ x }) + s (IIq) + 1 < So(IIp) + So(ILy) + s (TIq) + 1 = 
s o(npq) + So(IlAr), using the inductive hypothesis. 

Subpoint Id of Point 1 is s d (n ( p Q){ N / x }) = s d (U P{ N /sc} ) + s d (n Q ) + 1 = s d (U P ) + s d (ILv) + s d (n Q ) + 1 = 
885 Sd(npq) + Sd(IlAr), for every d > 1, using the inductive hypothesis. It is enough to proceed analogously in 

the cases Hm(~ ° E\), Hm(— • E), where, in particular, x can be free only in its principal premise; the proof is 
simpler with Hm(R) whose R has a single premise. 

Point 2 of Lemma 3. Notice that the hypothesis x G FV(Af) excludes Um(R), with R G {A,!}, since, in those 
cases, x FV(M). Then we proceed by structural induction on IIm. 
The first case is with concluding by: 

U' M > r Ml x :L; A' M ; {(G^; 0)} h M : B 
Fm,x:L C A M U{x:L}U\JZ 1 Q^[JT=i^i 

e, / ^ = 

r'; $A^, A M ,x:L; {($Q' m ; 0)} U {(0i; *i)} uTTTu {(G m ; $ m )} h M:%B $ 

890 Point 9 of Lemma 2, applied to II ^ t> T^r ; A ; £ m h N : $L, requires to focus on two cases: 

• LetILv($)be: 

oTjv; A' JV ;{(6W;0)} h AT:£ 

c u ur=i u ur=i 

e; / ^ $^ = 

r'^; SA'jv, Ajv; {($9'^; 0)} U {(0i; U . . . U {(6^; K)} ^N:$L $ 
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Using point 1 of Lemma 3 on H' M , and 11^, we get U' M r N , , > T M ,T N ; A' M , 

A' Ar ;{(6' M ;0)} U {(6^;0)} h M{ N / X } : B, that allows to conclude by an instance of $, yielding 
fl M {jv / i with the right conclusion. 

• Let ILv(C) D> r^; A'^;£'j^ h A*" : $L, Iteratively applying Lemma 2, point 9, we eventually prove the 
existence of IT^($) > T' N ; $A' Nl A N ; {($Q' N ; 0)} U {(6i; U . . . U {(6' (l ; h N : $L, which, as 
in the previous case, we assume to have a premise derived from n^. So, we use point 1 of Lemma 3 on 
on H' M and II'^ as before. After an instance of the rule $ we still get YIm{ n i m \ with the right conclusion. 
Now, we proceed by the application of as many instances of C as those we can count in II jv below 11^ ($). 
Let us say they be r and let us call Ilj^rjv / X }(C) the final deduction. 

Subpoint 2a of Point 2 has two cases. The first case is: 

d(n M{W/x} ($, n A/{JV/x} )) = d(n^ f{ N /:r} ) + 1 

= max{d(n A/ ), d(n^v)} + 1 (by induction) 

= max{d(n; f ) + 1, d(n'jv) + 1} 

= max{d(nM($,n' M )),d(n JV ($,n' JV ))} (25) 

Step (25) holds because both 11^ and H' N are followed by the rule $. The second case is based on the first here 
above, observing that d(n(C, II')) = d(n'), for every deduction II. 

Subpoint 2b ofPoint 2 has two cases. The first case has IIv($)- Ifd — 0, the statement holds because wo (II) = 
for any n. If d> 1: 

wd(n M{ N /x} ($,n' M{ N /x} )) = w d „i(n^ /{ iv /x} ) 

= w^ifn^) + w d _i(n^) (by induction) 

= w d (nM($,n' M )) + w d (n JV ($,n^ v )) (26) 

The second case is with Hm{C). If d = 0, we have wn(II) = for any II. With d > 1 we can still write: 

w d(n A/ {iv /x} ($, n' M{N/x} )) = w d _i(n' M{N/x} ) 

< w d _i(n' M ) + w d _i(n' JV ) (by induction) 

= w d (n M ($,n' M )) + Wd (n^($,nW)) 

where IIjy-($) replaces II/v($) of (26). We can conclude by observing the two following facts: 

• if d = 1, then we count r instances of C below Wd(n A /{jv / T }($)) to obtain Wd(H-M{ N / a ,}(C)), and r below 
w d (II^($)) to obtain Wd(ILv(C)), so getting: 

w d (n M{ » /x} (c)) <w d (n M ($))+w d (niv(c")) . 

• if d > 1, by definition of width, we do not count any instance of C neither below Wd(n M rw / x }($)) nor 
below Wd(IIjy ($)), even if they exist. So, we get again: 

wd(ft M {« /x} (c)) <w d (n A/ ($))+w d (n JV (c*)) . 



Subpoint 2c of Point 2 requires to observe that we can only have IIm($), 

Iljv(-R), n M {»^}($), n M {N/ x }(i?) with R G {C, $}. By definition, the partial size at level is on any 
905 deduction terminating by the rules $, and C. So, the point trivially holds. 

Subpoint 2d of Point 2 has d > 1. The union of the subpoints lc and Id of the lemma we are proving, 
applied to II' M , and 11^, imply Sd-\(Jl' M r N / i) < Sd-i(n' M ) + Sd-i(J^' N ) since x is linear in 11^. So we get 

s d (n M{ « /x} ($)) < s d (n M ($)) + s d (n w ($)), or s d (fl M{ « /x} (C)) < s d (n M ($)) + s d {Il N {C)), depending on 
the last rule of II at. 
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The second case is with n^/($) concluding by: 



U' M >T M ;A' M ,x:A;{(Q' u ;0)}\-M:B 

T M C Am u u™ ! e, u u™ ! e 4 / o $i = 

r';$A' M ,i:$A,AM;{($e; i; 0)} U {(0i;*i)} U . . . U {(6 m ;$ m )} h M: 



A^;£^ h TV:$ 2 A Point 9 of Lemma 2, applied to U N (R) > T'^; A^; £jj- h TV :$ 2 A, requires to focus on two 
cases: 



To match the above assumption about IIm(S) we must assume Hn(R) > T'^; 

3 oint 9 of Lemma 2, applied to Iljv(i?) t> T'^; A^; £^ 

Let n w ($)be: 

oTjv; A' JV ;{(e' JV ;0)} h TV:$A 

r^cA^u U"=i el u ur=i *< + «* *i = 



Y' N - $A' N , A N ; {(SOW; 0)} U {(0i; U . . . U {(G' n ; & n )} hN:$ 2 A 

So, applying the inductive hypothesis on 11^, and U' N we get H' M r N , \>Tm^n\ AJifi A^; {(8' M ; 0)}U 

{(0^; 0)} h M-j^/x} : £> that allows to conclude by an application of $. 

• Let ILv(C) E> r^; A^; £'n h N : $ 2 A. Iteratively applying Lemma 2, point 9, we eventually prove the 
existence of IT^($) C> T' N ; $A' N , A N ; {($& N ; 0)} U {(0' i; <!>[)} U . . . U {(6;,; $'„)} h TV: $ 2 A which, as 
in the previous case, we assume to have a premise derived from Iljy. So, we can proceed on n' M , and IT'^ 
as before, to conclude by a applying the same number of instances of C, that we can count in ILy, below 

n»($). 

To prove Subpoints 2a, 2b, 2c, and 2d of Point 2 proceed in analogy to what we did above. All the other cases 
of ITA/(i?) routinely apply the inductive hypothesis. 

Point 3 of Lemma 3. Notice that the hypothesis x G FV(M) excludes Hm(A), otherwise x £ FV(M). Then we 
proceed by structural induction on Hm, by detailing out four base cases. 

The first case has IIm($) that concludes by: 

n M > r M ; a' m - {(e' M ,x ■. A; 0)} h m-.b 

t m c Am u U2,i e» u Utei ®i ©« # = 



T'; $A' M , Am; {($0i f , a: 0)} U {(0i; $1)} U . . . U {(0 m ; <& m )} h M:$B 

To match the above assumption about ITm($) we must assume Hn(R) > 0;0;£n ^ TV : $ 2 A, with £jv C 
{(Oat; 0)}, in accordance with the statement we have to prove. Then, point 9 of Lemma 2, applied to Hn(R), 
requires to focus on the following single case, since ILy(C) > 0; 0; £n F TV : $ 2 A is excluded by the assumption 
on £ C {(6jv; 0)}- Let ILv($) be: 

nV>rjy;0;{(0 , JV ;0)} KTV:$A T N C 8' 

0;0;{($0^,0';0)}hTV:$ 2 A $ 

Point 9 of Lemma 2 applied to T w ; 0; {(0^; 0)} h TV : $A implies that FV(TV) C Dom(6^). Namely, T N = 0. 
So, we can apply the inductive hypothesis on both and IT^. WegetU' M f N , , >Tm; A^-; {(& m , 6/yj 0)} ^ 
Mj^/^l : T3 that allows to conclude by an application of $. 
The second case has ILa/ (!) that concludes by: 

r M ;0;{(e' M ,x:A;0)}h M-.B 

T AI C 0m U $m / =>• Dom(3>) n FV(M) / 



T'; A; {($0'm, x : $A; 0)} U {(0 M ; $m)} h M : !B 

We can proceed with the same assumptions and arguments used in the proof of the first case here above. Ap- 
plying point 9 of Lemma 2 to Iljy, and the inductive hypothesis to both n^, and U' N , we get U' M r N , , > 
r M ; 0; {(6^f , Q' N ; 0)} h M{ N / X } : B, which allows to conclude by using the rule !. 
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The third case has IIjvj- ($) that concludes by: 

r M ,x:L;A' M ;{(Q' u ;Q)}h M:B 

T M ,x:L CA M U{i:i}U U™ i ©< U \J?=i ©< ^ $ t = 
r'; $A' M , Am; {($9 m ; 0)} U {(9, , x : L; ^)}u |J™ M/j .{(0 i; h M :$£ $ 

The above assumption about IIm($) is matched by assuming Il7v(i?)[>0; 0; fjv l~ Af : $L, with £ at C {(9at;0)}. 
Then, Point 9 of Lemma 2, applied to IIjv(-R), requires to focus on the following single case, since the case with 
ILv(C) >0;0;£at h N : $L is excluded by the assumption on £ N C {(9at;0)}. LetILv($)be: 

n , jv >r j v;0;{(9 , JV ;0)}h N:L F N C 9' 
0;0;{($9W,9';0)}hiV:$L 

So, using point 1 of Lemma 3 on both II' M , and IT^ we get U' M r N , , > Tm, Tn] 

A' u ; {(Q' M ; 0)} U {(Qjyl 0)} r- Mf-^/a,} : -B that allows to conclude by an application of $. 

The fourth case has that concludes by: 

W M >T M ,x:L;0;{(e' M ;0)}h M:B 

T M ,x:L C 9m U {ie:L}U$m 9 / => Dom($) n FV(M) / 

r'; A; {($G^;0)} U {(Q M ,x:L; $m)} h M:!B - 

We can proceed with the same assumptions and arguments used in the proof of the third case here above. Ap- 
plying point 1 of Lemma 3 to both U' M , and IT^ we get TI' m{ n /x} > T M , Tjv; 0; {(9' M ; 0)} u {(©jv; 0)} h 
M{ N / x } '■ B, which allows to conclude by using rule !. 
The remaining cases of Hm(R) routinely apply the inductive hypothesis. 

To prove the subpoints 3a, 3b, 3c, and 3d of point 3 we can proceed as we did for the subpoints 2a, 2b, 2c, 
and 2d above. 

Point 4 of Lemma 3. Notice that x e FV(M) excludes Hm(A). Otherwise x g" FY(M). We proceed by induction 
on n M . 

Lemma 2, point 7, applied to Iljvf D> Tm; Am',£m, (0; x : A) \- M : B implies the existence of n > 1 and 
5lj • • • , Sn > such that wi (Uu) > Qi + • • • + In and: 

• M can be written as M'{ x / X i ^ x i x ?...x n }, for some M'; 

• there are n subdeductions W P . (R t ) > i\; A, ; ; £ h (Q\;x\ : A),..., (8* . ; x\ . : A) h P» : C 4 , with P; G 
{A, $, !}, that introduce x\:A,..., x\. : A; 

• q± + . . . + q n — 1 instances of C,—°E,—oE\,—» E are required in the tree with the conclusion of II m 
as root and the conclusions of IIp.s as leaves to contract x\,..., x qi , , x™, . . . , x™ n to x. 

Using the assumption on £jv we focus on the case £^ = {(©at; y '■ C)}, the other being simpler. 
Lemma 2, point 8 can be applied to II jy implying that its conclusion be: 

U' N \>y.C,r' N ;<D;<D^ N:A {y.C} U T' N C 9 at U {y.C} 
Fn; An; {(9jv; V'-C)} h N:\A ' 

where C is linear. Now we can split the set of all IIp.s into two complementary sets. The first set Q contains 
all the deductions lip (Ri) such that both Ri 6 {$, !} and at least is a linear type 

assignment in the premise of Ri. The other set B is equal to {lip (Ri) | 1 < i < n} \ Q, namely the set of all 
lip. (Ri) whose conclusion is either an axiom, or a modal rule that introduces every of x\ : A, . . . , x l q . : A as a 
fake polynomially partially discharged assumption in the conclusion of Ri. The assumption no(x, M) = 1 says 
that Q contains a single TL' p in which only one among x\ : A, . . . , x l q . : A is a linear type assignment. We can 
assume it be x\ : A with i = 1. 
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We can apply Lemma 3, point 1, to the premise IT' wl d> w\ :C, T' n ; 0; h N{ w ^/ y } : A of U N , and to the 

N{ 1 / y } 

premise of n' P in Q that, by definition, has form: 

r i; a i; f !, (ehxi-.A), (e£ ■ < ! A) P 1 

We can get a set £/' with a single deduction II' t with form: 

p 1 { k| '" 1 '» 1 / i i} 

n" ,„i >r' 1 ', l » 1 1 :C,r; ; A' 1 ';£;'hP 1 { s i" ! /»i/ I i}:c; 
/y} / 1 } 



ri; Ai;£i U {(& N ;wl:C),(el;wl:C),...,(e 1 qi ;w 1 gi :C)} h Pi {""f™ 1 / x i } : fliCj 

Moreover, we can build a set £>', from £>, so that every deduction of B 1 is identical to one of B up to the 
introduction of the fake assumptions w{:C, . . . , w q . : C in place of x[ : A, . . . , x J q . : A, for every 1 < j < n and 
j ^ i, using the rules A, $, !. Finally, we choose, arbitrarily in Q 1 U B' a deduction to introduce and A at as 
fake assumptions in its conclusion. We observe that the set of assumptions of the deductions in Q 1 U B' are those 
of Q U B up to the changes due to the substitution of N{ u 'i / y } for x\ in P\. So, we can apply to Q' U £>', and to 
the subdeductions of LTj\/ not in Q U B, required to build IIm, the same sequence of rules that, from Q U B, lead 
to Iljvf itself. This implies to apply at least the q\ + . . . + q n — 1 instances of C, — o E, — a E\ , — • E that contract 
w\ , . . . , w qi , , w" , . . . , Wq n to y. We end up with a deduction with conclusion: 

1% t> T M , Tjv; Am, A at; £ m U {(9jv; y : C)} VM:B 
where Em LI {(Oat; y : C)} is exactly Em U £/v and: 



M = (M'[ Pl { N ^M /xl} ,,, { ^/y} /xl j,,, 

. . . P n { ^ ^ V ^/xV-} ■ • - { ^ ^ V*2L }]){ V /w}. ..w 1 w n ...w n } 

= {M'[P 1 { N ^ l /^/ x{ }P 2 ...P n \){y/ wl } 
= {M'[P 1 ...P n ]{ N ^ l /^/ xl }){y/ wl } 

= (M'[P! . ..P»]){%} = ((M'[A . = ^{^A} ■ 

M[Mi . . . M„] highlights that the terms Mi, ... , M„ occur in M. 

Subpoint 4a holds because we have not introduced any new instance of modal rules in the course of the recon- 
struction Of Iljjj. 

Subpoint 4b holds for d = by definition of width. If d = 1, then wi (Hm{ n /„}) 

= <7i + . . .+q n — where qi + . . .+q n — l counts the number ofrules required to contractu;}, . . . ,w qi , , 

tf", . . . , w qn to y, and fc counts the contribution to the width of IT^n / x j by the instances of —° E,—° E\, — • 
_E, C that do not contract the polynomial assumptions of the deductions in Q U £>, but which may exist to produce 
the whole Hm- However, all the q\ + . . . + q n — 1 + k rules exist in Hm{ n / x } exactly because they exist in Hm- 
So, Wd(II A /{jv / i ) = Wd(IlM). for < d < 1. Notice that £ = may imply that we can avoid the use of some 
of the instances of — o E, — o E\, — • -B, C to build Ilj^-rjv / i . So, w^II^n / < w^Um), for < d < 1. 

Point 4c holds because all the substitutions in M occur at level 1, and we do not change the structure at level 
thanks to the way we build Q' , £>', and IT A 7. 
Point 4d holds because: 

n 

Bd{U M iN/ x x) = (qi+...+q n -l)+Sd(U' i ) +y"s d (n'pj +k 

71 

< ( qi + . . . + q n - 1) + s d (n' Pl ) + ^s d (n' Pi ) + k + s d (n N ) (27) 

i=2 

= Sd(IlAf) + S d (IIiv) 
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where step (27) holds by induction on II' i , which has the same structure as II' fN , -, , and k takes 

into account the contribution to the width of Hm{ n / \ by the instances of — o E, —° E\ , — • E, and C that do not 
contract the polynomial assumptions of the deductions in Q U B, but which may exist to produce the whole IIm- 

970 Point 5 of Lemma 3. Notice that x e FV(M) excludes Hm(A). Otherwise x FV(M). We proceed by induction 

on n M - 

Lemma 2, point 7, applied to IIm D> Tm', Am;£mi (0;a; : A) h M : B implies the existence of n > 1 and 
5i> • • • , q n > such that wi (IIm) > qi + ■ ■ ■ + q n and: 

• M can be written as M'{ x / X \ x i x?...x n }, for some M'; 

975 • there are n subdeductions H' p . (Pj) >Tj; A^; (0^; : A), . . . , (0* ;a;* : A) h P; :Cs that introduce the 

polynomially partially discharged assumptions x\ : A, . . . , x l Qj : A, and such that R{ e {A, $, !}; 

• q± + . . . + q n — 1 instances of C,—oE,—oE\,—» E are required in the tree with the conclusion of IIm 
as root and the conclusions of lip s as leaves to contract x\ . . . x^ x" . . . x™ n to x. 

We observe that every 0^, . . . , Q l q ., with 1 < i < n, must be equal to 0. If not, the only way to get rid of them, 
980 to obtain the pair (0; x : A) in the conclusion of 11^/, would be the use of the rule -• / in some positions between 

the conclusion of H'p. (E4) and Tm; Am; £m, (0; x:A) h M:B. However, — • / can only be applied in absence 

of the assumptions x\ : A, . . . , x qi : A, , x" : A, . . . , x™ n : A, some of which, instead, we know to exist, 

thanks to 110(21, M) > 1. We focus on the case £^ = {(0; y : C)}, the other being simpler. 

Lemma 2, point 8, applied to II n, implies that its conclusion be: 

Il' N >y.C;<l);<l)h N:A | 
rjv; Ajv; {(0; j/:C)} h N :\A ' 

where C is linear. Now we can split the set of all II ' p s into two complementary sets. 

985 The first set Q contains all the deductions H' p .(Ri) such that both i?,; £ {$, !} and at least one among x\ : 

A, . . . , xi. : A is a linear type assignment in the premise of Ri. 

The other set B is equal to {lip | 1 < i < 11} \ Q, namely the set of all H' p (Ri) whose conclusion is either 
an axiom, or a modal rule that introduces every x\ : A, . . . , x z q . : A as a fake polynomially partially discharged 
assumption in the conclusion of R4. 

We can apply Lemma 3, point 1, to the premise II' , > : C; 0; h N{ w i / y } : A of IIjv, for every 
1 < 3 < Pi, and to the premise of every H' P of Q that, by definition, has form: 

lip t>T",z\:A,...,Zp-. A; A"; £" h P t : C[ 
T % -A % -£i, (0; {x\:A,..., x\ % :A})^P % : RiC[ * 

with pi < qi, and {z\ , . . . , z* } C {x\ , . . . , x* }. We get a set Q 1 of deductions lip with form: 

n p . > rj', w{ : C, . . . , <4 : C; A'/; £<' h P t : G[ 
r i; Aij £i, (0; w\:C,..., w\. : C) h P t : h'.C 

990 where A is Pii^" 17 ^/^ ■ ■ • Ar{ "' P * /b} / z j.}, and {w{, . . . , w' p .} C {tyj, ... ,«;*.}. 

Moreover, we can build a set £>', from £>, so that every deduction of B' is identical to one of B up to the 
introduction of the fake assumptions w\ : C, . . . , w l q . : C in place of x\ : A, . . . , x q . : A, by using the rules 
A, $, !. Finally, we choose, arbitrarily in Q' U B' a deduction to introduce Tn and A at as fake assumptions in 
its conclusion. We observe that the set of assumptions of the deductions in Q' U B' are those of Q U B up to 

the changes due to the substitutions of the terms N{ w * /y}& for which is one among x\, . . . , x qi . So, we can 
apply to Q' U B 1 the same sequence of rules that, from Q U B, lead to IIm(P)- This implies to apply at least the 
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gi + . . . + q n — 1 instances of C, — o E, —° E\ , — • E that contract w\ , . . . , , , u>" . . . Wg to y. We end 

up with a deduction whose conclusion is: 11^ > Tjv/ , r^; Aj/,Ajv; £aj , (0; y :C) h M:B, where (0; y :C) 
is £m U an( J: 

1 X P1 

....PW{*<* P/ *>/„ r '»>/.» }]{'/,! *n a „ } 

i Pn w 1 ...(«p 1 "^1 •■ • 

= J/'[P 1 { ,, l" ! /»V L..^' 1 '")/ ! }... 

Z l X P1 

...PJ""" 7 '''^..." 1 "'""'" 1 /." }]{»/„! „1 „» „» } 

1 Pn " J l-" J q 1 1 ■ q n 

= (M'VPl . ..P n ]){ N / 11 n n } 

= ((M'[F 1 ...P„])r/ !c} x i x? x „ }){"/*} = A/{ N / X } . 

1 91 1 Qn 

M[Mi . . . M n ] highlights that Ml.. M„ are subterms of M. 

Subpoints 5a, 5b, and 5c of point 5 holds for reasons analogous to the ones that justify the subpoints 4a, 4b, 
and 4c above, respectively. 
Subpoint 5d of point 5 holds because: 

sd(n M{JV/x} ) = (gi + ... + ?„ - i) + X> d (ni=.) + fc 

i=l 

= («!+... + ?„- 1)+Jsj_l(4.) + fc 



i = l 



< (91 + .. . + <?„ - i) + y><J-i( n 'p-) + s d _i(n' , ) + ... +Sd _ 1 (n' 4 )) + k (28) 

fcl * ™{ !/«> «{ Pi/ B } 



= (gi + ... + q n - 1) + ^(s d _i(n' Pi ) +p l s d _ 1 (n' N )) + k 

1=1 

= («i + ... + «„- i) + ^s d _i(n P .) + fe + s d _i(n^)^ Pi 

i=l i=l 
= (gi + ... + g„ - 1) + ^s d (n Pi ) + fc + s d (njv)^Pi = s d (n M ) +no(i,M) B d(%) 



i=l i=l 



Step (28) holds by iteratively applying the points lc, and lc of Lemma 3, and using the observation that every 
pi , . . . , p n is the effective number of linear type assignments in lip. which are replaced by the linear type 
assignment of 11^, if any, up to a renaming of, at most, the single free variable of N. k counts the contribution 
to the width of n M {« i\ by the instances of — o E,—° E\, — • E, and C that do not contract the polynomial 
assumptions of the deductions in Q U B, but which may exist to produce the whole Hm- 

Proof of Lemma 4 (Subject reduction at depth 0.) As a first step, we inspect the structure of H(\ x .m)n > T; A; £ h 

(\x.M)N: B. In general, it contains an instance of one of the arrow eliminations that assume the generic form: 

IV. M t> V M ;A M ;£u \~ \x.M :AdC 

U N f>r N ; A N ;£ N h N:A D£{^>,-»} (29) 

r M ,r N ;A M ,A N ;£ M U£ N h (\x.M)N:C Re 

followed by a, possibly empty, sequence a of instances of the rules C, VI, and \/E, with r > instances of C. No other 
rules can belong to a, since we are at depth 0. Moreover, U\ x .m D> Tm; Am', £m \~ \x.M :AdC must be obtained 
by an instance of: 

n M t>r' tf ;A; ; ghM:C 

Tm; Am; £'m 

where Ri is some arrow introduction, followed by a, possibly empty, sequence p of instances of the rule C, VE, V/, 
with s > instances of C, and x G Dom(r^j) U Dom(A' M ) U Dom(£' M ). The possible combinations of pairs 
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(P/,P B ) are: (— o 7, — o E),(—° 1$,—° E),(—» L,—o E\),(-» E). If some instances of the rules ME, VI 

exist in p, the types of the whole deduction can be rearranged to eliminate them, using Lemma 2, point 1. So, we can 
assume that p contains only s occurrences of C. 

First case. We assume no(x, M) = and N e A T . 

As first hypothesis we let (30) be: 



U M > T M ; AMjg, (6m; x :A)\- M:C 
T M ; Am; S' m u {(6m; 0)} h \x.M-.\A -o C 



(31) 



Lemma 2, point 7, implies the existence of n > 1 and q±,. .. ,q n > such that wi(IIm) > <7i + ■ ■ ■ + Sn> an d: (i) M 
can be written as M'{ x / X i x i x ™...x n }> f° r some M'; (ii) there are n deductions IL'^RA [> T^; Ajj (O^; x| : 

A), . . . , (0|; . : A) h P : Q such that H< ^ II M and Pj e {A, $, !}; (iii) + . . . + q n - 1 instances of 
C, — o E,^> E\, — • E, in the tree with the conclusion of YLm as root and the conclusions of Il^s as leaves, are 

required to contract x\, . . . , x* , , x™, . . . , x" m to x. Call r such a tree. We observe that M is M 1 since none 

of the XjS occurs in the corresponding Pi, otherwise we could not have no(x, M) = 0. However, this does not 
prevent to have instances of C in r (uselessly) contracting some Xj. Lemma 2, point 4, implies the existence of 
Ii'({Ri) > T;; Ajj fi U {(0^; 0)} h Pi : Cj, with 1 < i < n, to which we can apply the instances of the rules in the tree 
r, but the contractions C occurring in it, obtaining: 

n M >r lf ;A M ;Su{(e lf ;0)}hM:C . (32) 

(32) can be followed by the sequence p, which yields: 

r«;A M ;^HM:C . (33) 

loos Lemma 2, point 3, applied to (33), implies the existence of Tm, ^n', Am, A at; £m 
U£ N \~ M : C, which, followed by a, becomes r; A; £ h M : C. 
As a second hypothesis we let (30) be: 

n M > r A / ; Am ; £' M , (G M , as : A; 0) h M : C 

r (34) 



r M ;AAf;£iJ U{(6 M ;0)} r- \a:.M:$A-.C 



Lemma 2, point 6 implies II'(P) > T'; A'; £ (6', x : A; 0) h P : C, that introduces x : A, and such that II' r< n M , 
P £ {A, $, !}, for some T', A', 6'. Since no(x, M) = implies no(x, P) = 0, we have that Lemma 2, point 4, 
allows to deduce: 



that can be used to yield: 



U"(R) >T'; A';£',{(e';0)} h P:C (35) 



n M t>r M ;A M ;fM u{(e M ;0)} h P:C (36) 



exactly like n M >r M ;A M ;^, (9 A/ ,x:A;0) h M : C can be deduced from II' (P) >T';A';£', (6', x : A; 0) h P:C 
because the presence of x : A is not essential. (36) can be followed by the sequence p, which gives: 

T m ;A m ;£m^ M:C . (37) 

Lemma 2, point 3, applied to (37), implies the existence of r A /, Tn; A A /, A at; £m 
U£ N h M:C, which, followed by ct, becomes T; A; f h M : C. 

The cases where P is — o I or — o 7$ can be proved by following an analogous schema. 

Once proved the existence of the deduction corresponding to the redex, we can prove point 1, through 4 of the 
current statement. 

Point 1 and 2 hold by observing that H a[ ^n i\ coincides to II A / which does not contain the whole deduction 
n^. So, moving from II(Wjvf)jv to n A /, we might erase the component of H(\ x .m)n that determines the value of 
d(II(\ a . iAf )jv) otwi(H(\ x _m)n). 

Point 3 holds because H(\ x .m)N has an application more than IIm- 

Point 4 holds because s d (ttM{N/ y }) = Sd(n A /) = s^ILv/) + • Sd(rLy), for every < d < d(H(\ x .M)N)- 
Second case. We assume no(x, M) = 1, N £ A v , and N G A T . 
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As first hypothesys we let (30) had Rj equal to — o with assumption: 

S'm, (®;x:A) hM:C . (38) 

So, we must have: 

ILv oTat; Ajv;£iv h N:IA (39) 
on which Lemma 2, point 8, implies FV(iV) C Dom(£jv). Lemma 3, point 4, applied to (38) and (39) implies: 

n' M {N /:c }>r M ,T N ;AM,A N ;£^\j£ N \-M{ N / x }:C (40) 

such that: (i) d(U' M{N = max{d(n M ), d(ILv)}; (ii) w d (II' M{JV/ ^ } ) = w d (n M ), for every < d < 1; (iii) 
s (n' M{JV /sc} ) = s (II M ); (iv) s d {W M{N < s d (n M ) + s d (ILv), for every d > 1. 
Now, the sequence a and p can be applied to (40) to get 

n M { «/ x} or;A;£ h (41) 

Point 1 is: 

d ( n A/{«/.})=d(n; /{N/x} ) (42) 
<ma X {d(n M ),d(niv)} 
= max{d(ny a .. M ),d(n iv )} = d{Il ( \ xM)N ) 

where (42) holds because the rules in a and p have a single premise and are different from ! and $. 
Point 2 holds because both wo(II) = 0, for every IT, and: 

wi(n M{ N /i} ) = wi(n' M{JV M ) +r + s (43) 

<wi(n A /)+r + s + l (44) 

= wi(n Vx , M ) + r + l (45) 

= Wi(Il(\ a .. M ) J v) +r (46) 

= wi(II(\ a ..ji f )jv) (47) 

where (43) holds because we apply p and a to get (41) from (40); (44) holds using point (ii) here above; (45) holds 
because we know that (30) is followed by p; (46) holds by definition of width that counts an arrow elimination; (47) 
holds because we know that (29) is followed by a. 

Point 3 holds from (iii) above, by observing that So (IIm) < s o(n(\a;.M)7v) an d mat the partial size at level does 
not count contractions and universal quantifications. 

Point 4, for every d > 1, is: 

s d (n M{ jv /x} ) = s d (n; /{ jv /x} ) + r + s (48) 

< s d (n A /) +s d (njv) +r + s (49) 

< s d (n A /) + r + s + 1 + s d (njv) + no(x, M) s d {Ii N ) 
= BdQI(\x.M)N) + no(x,M)s d (U N ) ■ 

Step (48) holds because (41) is obtained from (40) by applying the sequences of rules a and p. Step (49) follows from 
(iv) here above. 

As a second hypothesys we let (30) had Rj equal to — • /, with assumption: 

IlM>TM\AM;£'M-X®M,x:A;®)>rM:C . (50) 

So, we must have: 

ILv > 0;0;£iv h N:$A . (51) 

We observe that £m C {(On', 0)}, since ITat is the secondary premise of (29), which must be an instance of — • E. 
Lemma 3, point 3, applied to (50) and (51) implies the existence of: 

n; /{W/i} > r u ; A M ; {(6a/; 0)} U & h C (52) 
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such that: (i) d(U' M{N = max{d(II M ), (1(11^)}; (ii) w d (U' M{N ^ } ) = w d (U M ) + w d (U N ), with d > 0; (iii) 
so(n^ /{JV = So(IIjvf); (iv) s rf (n' M{iV ^ } ) < s d (Il M ) + s d (n N ), for every d > 1. 
The sequence cr and p can be applied to (52) to get: 

n M{ « /x} >T;A;£\- M{ N / X }:C . (53) 

1030 Under the current hypothesis, Points 1, 2, 3, and 4 can be obtained from (53), (51), and (50) in place of (41), (39), and 
(38), respectively, following what we have done, for the analogous points, under the first hypothesis above. 
The cases where (30) had Ri equal to — o I§ or — o I, are simpler than those just detailed out. 
Third case. We assume no(a;, M) > 1 and N eA T . This implies that (30) has Ri equal to — o L with premise: 

Fl M >F M] A M ;£'u,{ < b\x:A)h M:C . (54) 

Since (\x.M)N is aredex, and N €A T , we have N GA V , FV(N) C {y}, and 

IIjv > Tat; Ajv; Sn H N :\A . (55) 

Lemma 2, point 8, applied to (55), implies that FV(A r ) C Dom(f at). The assumption on FV(A^) allows to have only 
one between £jv Q {(y'-D;$)} and £jy ^ {(0; y : D)}. In fact, only the second case is allowed, as Lemma 2, point 8, 
says that (55) terminates by an instance of the rule ! whose precondition forces the unique free variable of N to be a 
polynomial variable. So, we assume £m = {(0; y ■ D)}, the case with £ = being analogous. If we apply Lemma 3 
point 5 to (54) and (55) we get: 

£'^Li£ N h M{ N / X }:C . (56) 

such that: (i) d(IL' M{N M ) = max{d(n A/ ), d(n w )}; (ii) w d (n; /{JV/ ^ } ) < w d (n A/ ), with < d < 1; (iii) 
s o( n ' M{;v/x} ) =s (II M );(iv) Bd(H' M {N/ m y) < s d (II M ) +no(x,M)s d (ITiv), for every d> 1. 
We can now apply the sequences of rules p and cr with s + r instances of C to (56) and get: 

n M{JV/x} >F;A;£ h M{ N / X }:C . (57) 

Point 1 is: 

d(IL M { N / x }) = d(Il' M { N / x }) (58) 

= max{d(nM),d(n f ,)} . (59) 

1035 (58) holds because from (56) to (57) we apply the sequences of rules a and p that do not change the depth. (59) holds 
thanks to point (i) above. 

Point 2 holds because both wo(II) = 0, for every IT, and: 

wi(IL M { N / x }) = wi(U' M { N / x }) +s + r (60) 

<wi(IIju) + s + wi(njv) + l+r (61) 

= wi(II\ :c . M )+wi(nM) + i + r (62) 

= wi(n (Xa .. A:f)JV ) . (63) 

(60) holds because from (56) to (57) we apply s + r instances of C and some instances of VI, \/E. (61) holds thanks to 
point (ii) above. (62) holds because (30) is followed by s instances of C, before producing FI\ x .m . (63) holds thanks 
to the definition of width at depth 1 and because (29) contains one instance of an arrow elimination and is followed by 
1040 r instances of C. 
Point 3 is: 

s (n M { N /x}) = S o(n' M { N / x }) (64) 

= so(IIm) (65) 

< So(II(\ ia ,.Af)Jv) • 

(64) holds because from (56) to (57) we apply the sequences a and p of rules not counted as part of the size at depth 0. 

(65) holds thanks to point (iii) above. 
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Point 4, for every d > 1, is: 

Sd(n M { N / x }) = Sd(Ilif {*/.}) + s + r (66) 

< s d (n M ) +no(x,M)s d (njv) + s + r (67) 

< s d (n M ) + s + s d (Jl N ) + 1 + r + 110(1, M) Sd(ILv) 
= s d (n ( \ a .. A/)JV ) +no(a;,M)s d (n]v) . 

(66) holds because from (56) to (57) we apply the sequences of rules a and p with s + r instances of C. (67) holds 
thanks to points (iv) above. 

Proof of Theorem 1 (Subject reduction.) The assumption (\x.P)Q — * w P{® / x } at depth d in IIm implies the 
existence of Hr\ x mg ^< IIm such that Tlr\ x .p)Q is a depth d in IIm- 

Let us assume d = 0, and proceed by induction on IIm- The assumption d = excludes that IIm could conclude 
by R G {$, !}. The base case is LT a/ equal to H(\ x .p)q and, forcefully 11^ equal to IIpjQ / x. 

Then, Lemma 4 holds and, in particular we have the following correspondences: (i) points 1 and 2 of Lemma 4 are 
points 1 and 2 of Theorem 1, while (ii) points 3 and 4 of Lemma 4 become points 4 and 5 of Theorem 1, respectively. 
Finally, point 3 of Theorem 1 vacuously holds because i has to be both smaller and greater than 0. 

Since the last rule of II m cannot be neither $, nor !, the inductive application of Lemma 4 is routine, when H(\ x .p)q 
is strictly a subderivation of IIm, with d = 0. In particular, if an instance of C occurs below the conclusion of (\x.P)Q 
we can write: 

wi(ii]v) = wi(n P{Q /;c} (c,ii' p{ q < wi(n' F{Q/x} )) + 1 

< wi(n{\ x , P)Q )) + 1 = wi(iL(\ x .p )Q (c,n[\ x .p )Q )) = wi(n M ) . 

Let us now assume d > 0, and proceed again by induction on IIm- The assumption d > implies that the last 
rule of Um cannot be A and that YLm must contain at least one instance of the rules $ and !. We develop the details 
of the case IL^r (i£, IT M ), with R e {$, !}, the other cases routinely applying the induction. We observe that the redex 
reduces at depth d in IIm, namely, by definition of depth, at depth d — 1 in II M , originating which is 11^ but the 
last rule R. 

1. By induction, (1(11^) < d(n' M ) holds. This implies d(II / A r) + 1 < d(U' M ) + 1, equivalent, by definition, to 

dtiLv) < d(n M ). 

2. By induction, w^II^y) < Wi(n' M ) holds for every < i < d, since the redex occurs at depth d in IIm, hence at 
d — 1 in H' M . This implies w i+ i (IIjv(-R, n^)) 

< w i+ i(IlM(-R, n M )), for every < i < d, namely Wj(IIjv(i?, 11'^)) < w^Ilji/fiS, n' M )) for every 1 < i < 
d+l. Since w (II) = 0, for every II, Wi(R N (R, IL' N )) < Wi(n M (i?, W M )) holds for every < i < d+ 1. 

3. By induction, 8,(11^) = Si(n' M ) holds for every < i < d — 1. This implies S;(IIjv) = S;(IIm), for every 
1 < i < d, by definition. Since the reduction of the redex modifies IIm at depth d > 0, the depth of IIm and 
Hn is preserved. So, Si(IlAr) = s^IIm), for every < i < d. 

4. By induction, s c ;_i(II / A r) < Sd_i(II M ) holds. This implies s^IIjv) < s^IIm) by definition. 

5. By induction, we have s^II^) < Si(IT M ) + no(x, P) s^IIq) for every d — 1 < i < d(H' M ). So, we can write: 

s l+1 (n N (R,a' N )) =si(u' N ) 

< Si (U' M ) + no(x,P) Sl (n Q ) 

= s i+ i(n M (-R, n' M )) + no (x, p) s l+ i(n Q ) , 

for every d — 1 < i < d(H' M ). Namely: 

Si(n N (R,n' N )) < s,(n M (R,n' M )) + no(x, p) Sl (n Q ) , 

for every d < i < d(W M ) + 1 = d(n M ). 
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Proof of Proposition 4 For every n, let \ fx.f n x shorten n. We show the statement, proceeding by cases on n. 
SsO =(\nf.(\zx.f(zx))(nf))(\fx.x) 

->+ \f.(\zx.f(zx))((\fx.x) /) ->+ \fx.f((V-x) x) -»+ \fx.fx = l 
Ssn = (\nf.(\zx.f(z x))(n /)) x) 

-+ \f.(\zx.f(z x))(\x.f n x) ->+ \fx.f((\x.f n x) x) -+ \/ 3; .r +1 x = n+T 



Proof of Proposition 9 As a first case to show that 0; 0; h SMkC : (a — ° a) — o (B 2 ® a) — o (B 2 ® a) suitably 
derive and compose the following judgments: 

p:B 2 ; 0; h p{{-K 2 a ,n 2 ), <7T?, tt?» :B 2 ® B 2 

x:ol — o a,r:a;0;0 h p 2 )-(pi,P2(\a:.a:,a:)r) : (B 2 ®B 2 ) — o (B 2 ® a) 
As a second case, to show 0; 0; h MkC : W — o W compose the following judgments: 

0;0;0 h \«y.(\<o:y>.K)(»(BHkCy)):$((B2 ® a) -o (B 2 <8> a)) -o $(a -o a) 

n:W;0; {(0;O:a a)} h n(SMkC 0) :!((B 2 ® a) -° (B 2 ® a)) $((B 2 ® a) -o (B 2 ® a)) 
0; 0; {(0; 1 : a -o a)} h SMkCi 1 :!((B 2 ® a) -o (B 2 ® a)) 



Proof of Proposition 10 For every n, let \01x.{0, l} n x represent n, since {0, 1}" x stands for the correct sequence 
of 0s and Is that encode n in binary. 

As a first case we show the statement relative to WsO proceeding by cases on n. 

WsO M MkC (\01.(\zy.0(z?/))((\01x-.{0, l} n x)01)) 

-4 MkC (\01».0((\ar.{0, l} n *)»)) 

-»+ MkC (\01».0({0, 1}™ y)) (68) 

If n = 0, then: 

(68) ee MkC (\01y.0j/) 

-*t, \01y.(\(xy>.i/)((SMkC 0)(BMkCy)) 

\0ly y) -y)((\{p r) .{\{pi p2).(pi,P2{\x-X,0}r))(p({ir%, 7Tq), (ttJ , »rj) ) )) (7r„ , 3/) ) 
^ + \01y.(\(xy).y)((\(p lP2 ).(p 1 ^ 2 {\x.x,0)y))(^{(n 2 ,n 2 ),{7 r 2 1 ^ 2 1 )))) 
->t, \01y.(\(xy).y)((\(p lP 2).(puP2(\x.x,0)y))((ir 2 ,TT 2 ))) 
-*t \01y.(\{xy).y)((7r 2 ,4(\x.x,0)y)) 
->£ \01s/.7To(\a;.x,0)j/ 
->£ \01».(\a:.a;)i/ -►+ \01y.y = 5 

If n > 0, before proceeding, let us focus on some observations about the behavior of MkC: 

MkC (\01yM- ■ ■ K>-i(l(0(- • ■ (Ov) • • • )))) • • • )) -►+ (\01 V .mb(- • ■ (v m -i(ly)) ■■■)) 

for every m > and v m € {0, 1}. Namely, MkC erases any occurrence of the variable name to the right of the 
most significant bit of its argument, which, by convention, is 1. This is obtained by iterating SMkCoO and SMkCil, 
starting from BMkCy. (SMkC 0)(7Tg, M) evaluates to (ttq, M) when, as effect of the iteration, SMkC is replaced for 
an occurrence of to the right of the most significant bit. If, on the contrary, SMkCo is replaced for an occurrence of 
to the left of the most significant bit, then (SMkC 0){tt 2 ,M) evaluates to (nf,0M). Finally, (SMkCi 1){%%,M) always 
evaluates to (tt 2 , 1M). Therefore, for some n': 

(68) = MkC(\01y.0({0,l} n j/)) 

->Z \01y.(\(a:j/).2/)((SMkCo 0)({SMkC 0, SMkCi l} n '((SMkCi l)(BMkCy)))) 

->$ \01y.(\(x p).y)((SMkCo 0)({SMkC 0, SMkCi 1}"' ((\<pr).<7r?, 1 r»(7rg, y)))) 

\01y.(\(x j/).y)((SMkC 0)({SMkC 0, SMkCi 1}"' (n 2 , 1 y))) 

-►+ \0ly.(\(xy}.y){irl0({0,l} n '(ly))) 
\01y.0({0, 1}" y) 
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As a second case we show the statement relative to B n a b proceeding by cases on n: 

BOTIfc \01.(\w.\z 1 z 2 -w!To (z 1 ,z 2 ))(0(\x.^) (\x.^))(Eo l)(fc01) 
-►+ \0l. (\w.\z lZ2 .w tt 2 (z u z 2 ))(\y.y)(\y.{0, i} a y)(\y-{0, i} b y) 
-*t \oi-(\y.y) 4 (\y.{0, i}° y, \y-{0, i} b y) 
-*t, \oi^o (\y-{0, i} a y, \y-{o, i} b y) ->t \oiy.{o, i} a y = i 

B2n + ilib -t+ \01.(\u).\ziz 2 -t" (*U 22>)(2n + i (\x.-k'1) (\a:.7r 2 ))(7i l)(fcO 1) 

-+ \01.(\u 1 .\z 1 z 2 .wtt 2 < 21 , Z2 ))(\y.{\ a; .^} 2 "+ i y)(\y.{0, l} a y)(\y.{0, 1}" y) 
->,t VlMYy^W 2 } 2 "^ 7Tq (^.{0, 1}" y, \y.{0, 1}" y) 
-*t \01-ir? (\l/-{0, 1}° a, \l/.{0, 1}" a) ->i \01j/.{0, 1}" y = 5 



1070 Proof of Proposition 14 The last rule of the derivation that gives type to Eb n [M] is an instance of — • / whose 
premise is 0;0; {(xiS' 1 "^; 0)} h Ma;:$ m+n A, which requires n > 1. 

The last rule of the derivation that gives type to El™ [M] is an instance of — o /$. It is preceded by a sequence of 
n > instances of the rule $. If n > 1, then the last rules proves 0; x\ : $ n ~~ 1 Li, ... ,x p : S n_1 -L p ; h Mx\ . . . x p : 
% m+n A. 

The derivation giving type to Ee" g [M] is obtained using the following judgments: 

Hi; Hi; {({z 1 :$ m+ "~ 1 L 1 ,. . . , z q : 8 m+n_1 £ 9 }; 0)} h \w t . ..w p .Mw t . ..w p z t . . . z q :(-• f =1 $" + 1 Li) $'"+" A 
0;0; {({wi :L;}:0)} h Eb 1 [Coerce™] : $™ + 1 L; (1 < i < p) 



Proof of Proposition 18 As a first case, to show that 0; 0; h V n : W — 

be ®" = i W, and suitably derive and compose the following judgments: 

0; 0; h . . . a5„).(Ws0a: 1) . . . , Ws0x n > :\(B -o B) 

0; 0; h \(ari . . . a:«).(Wsi a*, . . . ,Wsl x n ) :\(B -o B) 

w:W;0;0 h to (\(jei . . . a;„).(Ws0xi, . . .,WsO;r„)) 

. . . K„>.<Wsl xi, . . . , Wsl £„)) : $(B 



™_j W), with n > 1, let assume _B 



h\z.z (0,...,0) 



S) -o $B 



As a second case, to show 0; 0; h V™ : W -o $(©" =1 $ m W), with m, n > 1, let assume B be $ m W, 
and suitably derive and compose the following judgments: 



D; {(x; :$ m_1 W; 0)} h Eb m [WsO] X; :% 
t; {(Xi :$ m ~ 1 W; 0)} h Eb'"[Wsl] Xj : S 
S; h \({xi . . . x„ }) . ({Eb m [WsO] xi,.. 
D; h \({xi . . . a:„ }) . ({Eb m [Wsl] xi, .. 



11 W 
"W 

,Eb'"[WsO] x„}) :!(B 
, Eb m [Wsl] x n }) :!(B 



e {1... 
e {1... 



B) 
B) 



uj: W; 0; h tu (\({li . . . x„ }) . ({Eb m [WsO] Xi, . . . ,Eb m [WsO] x„}>) 

(\({xi . . . x„}).({Eb m [Wsl] xi, . .. ,Eb m [Wsl] x„}>) :$(B B) 



,n} 
,n} 



(69) 
(70) 



0; 0; h \z.2 ({0, . . . , 0}) : $(B -o B) 



Observe that every 0; 0; {( Xl : $ m ~ 1 W; 0)} h x t 
obtained by m > 1 applications of $ to X, : W; 0; h ajj : W. 



! W, argument of Eb m [Ws0] and Eb m [Wsl] in (69) and (70), is 



Proof of Proposition 19 For every n, let {Mo, Mi}™ x represent the term v\{. .. (y m x) . . .), where Vi = Mo if the 
i th digit in the binary representation of n is 0, and Vi = M\ if it is 1. We show V 2 a ^+ (a, . . . , a), with n = 2, to 
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keep things readable: 



V n ^^ w (\z. 2 (0,0))(s(\(a; 1 .T 2 }.(WsOa;i,WsOa; 2 ))(\(x 1 a; 2 ).(Wslx 1 ,Wsla; 2 })) 
-►+ (\«.«@,5>)(\y.{VsO,Vsl}°y) 
-+ {WsO,Wsl} a (U,n) 
->+ {WsO,Wsi} a_1 (WslU,WslU) 

->+ {WsO,Wsl} a ~ l ({WsO,Wsl} 4 0, {WsO,Wsl} l U) -►+ (1,5) 

Proceed analogously for V™ a. The only observation is that the reduction of V™ a generates tuples, for example, 
like ({Eb m [WsO] Eb m [WsO] %}) which evaluate to ({WsO I, . . . , WsO I}}, for some I. 

Proof of Proposition 20 To show 0; 0; 0; h S2L : $ 2 ^4 — • N — o L $A just compose the two following judgments: 

0; 0; h \zx.z(\f.x)I:$(((5-° 5) -o a) -o (S -o S) -o q) -o $(« -° a) 
0;0;{(fc:$ J 4;c:$A-.a -o a)} h \lf.ck (II) :!(((£ -o 5) -c a) -c (5 -a 5) -o a) 

using n:N;0;{(fc:$A;c:$A -• a -° a)} h n(\lf.ck(l I)): ${{{5 -° S) -o a) -o (<J -o <J) -o a). 

Proof of Proposition 21 For every n, let {iV}" x represent the term N(. . . (N x) . . .), We show the details of the 
reduction relative to S2L, with n > 0: 

S2LAfrT^ + \c.(\zx.z (\f.x)I)(n(\lf.c M (I I))) (M closed value) 

-►+ \c.(\zx.z (\f.x)I)(\y.(\lf.cM (I /))" y) 

\c.(WV(V/.cAf (//))" 9) 

\c.{\x.{\lf.cM(lI)) n {\f.x)I) 
-+ \c.(\x.(\lf.cM (I I))"- 1 ((V/.cM (J J)) (\/.x)) /) 

\c.(\x.(V/.cAf (U)) n_1 (\/.cMt)J) 
-►i \c(\x.(\/.{cM}" x) 7) ^ + \ci.{c A/}" x = [A/, . . . , M] 



1080 Proof of Propositions 22, and 23 The important point to notice is that, if we assume to reconstruct upward the 
deductions that give type to the configurations or to the pre-configurations, we have to use a suitable number of 
instances of the contraction rule C, just before the use of $. All the rest is standard. 

Proof of Proposition 24 As a first case, to show 0; 0; h BaC2PC m : a -° T[a, 5; $ m W] suitably exploit the 
judgment: 

x : ($ m W -o a -o a) -o ($ m W -o $ m W) -o $ m W -• ((5 -° S) -o a) -o 0,y: a; 0; 

hxCVxy.^EinilSO,/.?/):/? 

As a second case, to show 0; 0; h StC2PC m [G] : ($ m W -o a -o a) -o $™W -• T[a, 5; % m W] -o T[a, <5; $ m W], 
starting from 0; 0; h G:W ^> W, suitably derive and compose the judgments: 

c:$ m W -o a -o a,t:T[a;5;$ m W], 

x: ($ m W — o a — o c^j — o ($ m W -o $ m W) -o $ m W ((<5 -o <5) -o a) -o /3; 0; {(a : $ m_1 W; 0)} 

HicEl™ [G] a (\f.t(\cgal.c(g a)(l I))) : (3 
t:T[a,(5;$ m W];0;0 h \f.t(\cgal.c(ga){U)):(S -o 5) -o a 

c:$ m W -o a -° a,x:($ m W -o a -o a) -o ($ m W -o $ m W) -o $ m W ((5 -o 6) -o a) -o /3; 0; 

{(a:$ m_1 W;0)} h X c El™ [G] a : (((5 -o 5) -o a) -o 
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As a third case, We show 0; 0; h PC2C 1+n . 5 [F'] : SC[a . . . a n+5 , 6; m] -o ($ m W (-oj =0 a,) -o H"±* +1 
otj) —o 7) — o 7. To that purpose, it is worth defining the following type: 

V[a,a:7;$ ma W] = U[a ma , <5: $ m "W] -o ($ ma W -o (-°J =0 a«) -° (^± s „ +1 cy) -o 7) -o 7 
V[6,o;7;$ m6 W] = U[a mb , 8; $ mi >W] -° V[b + 1, o; 7; $ m »+ 1 W] (6 < a) 

and suitably compose the following judgments: 



$W — oao — oao,...,d n : $W — o a n — o a n , 
$ m W — o a n ^i — o a n +i , . . . , e 5 : $ m W — o a n + s — o a n+5 , 
SW -o $W, ...,/„: $W -o $W, 
$ m W -o $ m W, . . . , ft : $"* W -o $ m W, 

fit £ 

ao , . . . , n n : a n , s 1 : a n +i, . . . , s s : a n + s ; !/); 

{(n : W, n n : W.si :$" l_1 W, . . . , s s : $ m ~ 1 W. r : $ m_1 W; 0)} 

h (7 1 ' no ni . . .n n si . . . s s r) (n 7) (n^ I) . . . (n* 7) (s^ 7) . . . (s s 7) : 

($ m W (^ =0 oti) -> (-0 ji s n+1 Q,) -7)^7 
0;0;{(r:$ m_1 W;0)} h if: (^ =0 U[a,,<5;$W]) -° (^Jl' + i U[a; , 5; $" W] ) -o 

($ m W (-o" i= o Oi) -o (-o-= n+ i a j) -° T) -° 7 

For every is{0, ...,n}: 

t :T[a ,5; SW], . . . , t t :T[t<!«, 5; $W]; 0; {(r : $ m_1 W; 0)} h t,(. . . (tj (t H)) . . .) : V[i + 1, n + s, 5; $W] 

For every j G {1, . . . , s}: 

t[ :T[a„ +1 ,S; $ m W], . . . , t'j : T[a n+j , 8: $ m W], 

to : T[a , 8- $W], . . . , t„ :T[a„, <5; $W]; 0; {(r : $ m_1 W; 0)} 

h tj(. . . (ti(t„ . . . (ti(t H)) ...))■■•) :V[n + j + 1, n + s, 8- $ m W] 



Finally: 



i:SC[q , . . . , Q n+S , 8; m];0;0 

hx(\rt ... *„*;...<.<(... «(*»... (ti(t 7J))... ))...)) :(S m W -.(^ = o «*) - (Hf±*+i «i)^=7)^=7 



Observe that 0; 0; {(r : S^W; 0)} h r : $ m W, and every 0; 0; {(s 3 : $ m ~ 1 W- 1 0)} h Sj : $ m W, arguments of F', are 
obtained by m applications of $ to r : W; 0; h r : W, and Sj : W; 0; |- Sj : W, respectively. 
As a fourth case, to show 

0; 0; h C2PC 1+niS [G] : C[l + n; s; m] -o (-°2 =0 I($W -o a, -o a,)) 
-° (-°3t S „+i ! ($ m W -o ay -o a,)) 

^> $((-°S =0 a,) — (^>"± s n+ i cy) -° SC[a ■ • • «„ +s , 5; m]) 

starting from 0; 0; h G: W — o W, suitably derive and compose the following judgments: 

x:C[l + n; s;m]; 0; 

{(do : $W — o ao — o ao , d± : $W — o ai — o aj, . . . , d n : $W — o a n — o a n 

, ei : $ m W — o a n +i — o a n ^i , . . . , e s : $ m W — o a n + s — o a n + s ; 0)} 

h x (StC2PC 1 [G] d ) (StC2PC 1 [7] di ) . . . (StC2PC 1 [7] d„ ) 

(StC2PC m [7] ei) . . . (StC2PC m [7] e s )) 

S((-°"=o T [ Q ^ 5 ; * w l) ~° C-°j=i T [«J.*i S™W]) -o SC[a . . . a„ +s , 5;m]) 

0;0; {(d :$W -o a ^> a o ;0)} I- StC2PC 1 [G] d :!($W -. T[a ,<5; $W] ^> T[a ,<5; $W]) 

For every i e {1, . . . , n}: 

0;0; {(di :$W -o a; -o a;; 0)} h StC2PC 1 [7] :!($W -• T[ai,<5; $W] -o T[a«, <5; SW]) 

and for every j E {n + 1, . . . , — °" =1 n + s}: 

0;0; {(ej : $ m W -o Qj -o ay, 0)} h StC2PC m [7] :!($ m W T[aj,S; $ m W] -o T[aj, 5; $ m W]) 



57 



Finally: 

b:(-°" i=0 T[a i)( 5;$W]) -* H"t n+1 T[ey, 5; $ m W]) -o SC[ao . . . a n+s , 8; m], 
wo : ao, ■ • • , w n : a n , zi :a„+i, ...,2s: cin+s, 0; 

I- b (BaC2PC 1 ™ )(BaC2PC 1 Wi) . . . (BaC2PC 1 w n ) 

(BaC2PC m zi) . .. (BaC2PC m z s ):SC[a . . .a n+s ,S;m] 

As a fifth case, to show 0; 0; 0; h C2Ci +n[S [F, F'] :C[l + n; s; to] C[l + n; s; to], starting from 0; 0; h F:W -o W 
and 0; 0; h F' : $W-« (-• Li$ w ) "•'(-• |=i$ m W) $ m W $ m W, suitably derive and compose the following 
judgments: 

a::C[l+ n:s;m];0; 

{(0;d o :$W -o a -o q ), (0; rfi : $W -o cti -o aj), (0;d n :$W -o a„ -o a n ), 
(0;ei :$ m W -o a„ +1 -o a„+i), . . . , (0;e s :$ m W -o ct n+s -o Q„ +s )} 

h C2PC[F] xd di • • .dn ei . . . e s :$((— °"_ Q c«i) -° (^>"t s n + 1 ay) -° SC[q . . . a„ +s , S; m]) 

°" =0 0:4) — ° (— °"±* +1 Q j) — ° SC[q • ■ • Qi + „ + s, S\ m], 
Wo '■ olq , twi : Qi , . . . , iu„ :q„, Zi :a„-|-i, . . . , z s : a n + s , 0; 

h PC2C[_F'] (bw Wi... W„ zi . . . z s ) : ($ m W -• (-°" =I Qi) -o (— "j^+i otj) — ° 7) — ° 7 



Proof of Proposition 25 Dynamics of C2PCi+ n;s [F] : 



(StC2PC 1 [J] d n ) 
(StC2PC m [J] e s )) 



C2PCi +n;s [F] {(r, [If,. 



, a,\ , [nn, • • • , ni r J, . . . , [n n i, • • • , n nr J 

3 [fill ) ■ • • 3 Sl r ] , ■ ■ ■ , [Ssl ) ■ - - 3 s sr] )) ^uj 

\d di ■ • • d„ei . . . e s . 

(\6.\w) Wi • ■ ■ W n Zi . . . z s .b (BaC2PC 1 ™ )(BaC2PC 1 Wx) . . . (BaC2PC 1 w„) 

(BaC2PC 1 2i ) . . . (BaC2PC 1 2 S ) 

)(((r, [IT, . . . [niT, . . . ,nT7], ■ ■ ■ , [Wra, • • ■ ,In7] 
, [In, . .. ■• ., [ISf, ■ • 
(StC2PC 1 [F] d )(StC2PC 1 [I] di) . 

(StC2PC m [J] ei ). 

\dodi . . . d n ei . . . e s .\u>ou>i . . . w„zi . . . z s .\x. 

xF((StC2PC 1 [F] d )W(- ■ ■ ((StC2PC 1 [F] d ) I;(BaC2PC 1 w )) ■•■)) 
((StC2PC 1 [J] (ii)wf(' ■ ■ ((StC2PC 1 [J] di)ll7(BaC2PC 1 wi)) ■■■)) 
. . . ((StC2PC 1 [J] d n ) n7f(- ■ ■ ((StC2PC 1 [J] d n ) I n 7(BaC2PC 1 w„)) ■■■)) 
((StC2PC m [/[ ei)fn(- ■ ■ ((StC2PC m [7] ei) ? L 7(BaC2PC 1 21)) • ■ ■ )) 
. . . ((StC2PC m [7] es)W(- ■ ■ ((StC2PC m [J] e s ) If (BaC2PC 1 z s )) ■■■))- 

\dodi . . . d n ei . . . e s .\wowi . . . w n zi . . . z s .\x. 

x f (\x.x d Eli [J11f(\/.do (Eli [F]^)(- ■ ■ (do 5wo) •••))) 
(\x.a; di ElJ [/] njl(\/.di (Eli [i] ■ (di ru7«n) • • ■ ))) 

. . . (\x.xd„ Ell[I]rua(\f.d n (Elj[J] n^)(- ■ ■ (d^n^Wn) •■■))) 
(\x.x ei Eir[/] siTOJ.ei (Elf [/] sl?)(- • ■ (ei WrZi) •■■))) 
. . . (\x.arftEir[/|*r(\/.c (Eir[I] sS)(- ■ • (e s s^2 s ) •■■))) ^ 
\dodi . . . d„ei . . . e s .\woWi . . . w„zi . . . z s .\x. 

x f (\x.x do Eli [F] ai(\/.do a' 2 (- ■ ■ (do a', wo) •••))) 
(\x.xdi Eli [J] nTT(\/.di ru2(- ■ ■ (dinI7wi) ■••))) 

. . . (\x.xd n Elj [J] fhj(\f.d n Tha(- ■ ■ (dp TWMIn) •••))) 

(\ar.!T ei Elf [/] Iff (Vf.ei flf(_- ■ (ei f^2i) ■■■))) 

. . . (\x.x e s ElT[I]s^(\f.e s s^(- ■ ■ (e s s^ z s ) •■■))) -»i 
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\d di ■ • ■ d„e 1 . . . e s .\w w 1 . . . w„z 1 . . . z s . 

( ({?, (If, [a' 2 , . . . , a?]) 

, (nn, [ni2, • • • , nlrj), • • ■ , (n n i, [n n 2, • • • , rwj) 

, (sTT, [Iff, ■ ■ ■ ,fi7]), • • • , (sIT, [IS 1 , ■ • • ci ...cr 

dll . . . (il r cZ n l . . . d nr 

en . . . ei r e s i . . . e sr 

U>0^1 ■ ■ ■ w n z± . . . z s 

){ d % 1 -.- d0 /cr 

di/ di / d„ / d„ I eij ei / e s / e s / 

/"ll ■■■ /air / d„i ■ ■ ■ / d nr / qi • • ■ /^lr / e s l ■ • ■ /esr 

UI / ™n / 21/ 2s / 1 

/ Vl ■ ■ ■ I W„ I Zi • ■ • /ZsJ 

For the dynamics of PC2Ci +n;s [F'], we define a as the substitution: 

do/ do I c 

di/ di / d n / d„ / ei / ei / e s / e s / 

/ »11 • ■ ■ / air I d„i ■ ■ ■ I d m / en • ■ ■ / e ir / e s i • ■ ■ / e S r 

TO / «n / Zl / z s / 

I w ■ ■ ■ I w„ I zi ■ • ■ / z s 

and we recall that H is: 



\do/owo«o- 

\di/ininf — \d n f n n„ni. 
\eigieis* \e s g s s s s*. 

\x.x (F' no m . . . n n si . . . s s r) (no /) (n* 7) . . . (n„ 7) (s* 7) . . . (s^ 7) 

Then: 

\dodi • ■ ■ d n ei . . . e s .\wowi . . . w n zi . . . z s . 
(PC2Ci +n;s [ J F'] ({f, (ff, [If, ...,57]) 

, (nn, [ni2, • • ■ , ^Tr] ),•••, (n n i, [n n 2, • • ■ , ) 

, (sir, [iff, . . . ,Hu\), • • • , (sir, [sff, • • ., C1 ...c r 

rfll . . . fil r rf„l ■ ■ ■ rfnr 

en . . . eir e s i . . . e sr 

lUOl^i . . . W n Zi ... 

) cr -4 

\d di . . . d n ei . . . e s .\u! u)i . . . w n zi . . . z s . 

(PC2C 1+n ., s [F'] (\x.xf(\x.x ci ElJ [F] W (\/.c 2 e&Q ■ ■ (c r wo)_- ■ ))) 

(\a;.a;dii Eli [J] nTT(\/.di2 Sf- ■ ■ (dir WrWi) ■■■))) 

. . . (\x.xd n i ElijJj nTT(\f.d„2 n^j- ■ ■ (d„n^w„) ■■•))) 

(\x.x en Elf [J] sTT(\/.ei2 srj(_- ■ (e ir s57_£i) •••))) 

. . . (\x.x e s i Elf [J] sU(\/.e s2 sli"(- ■ • (e sr sITZs) • • • ))))) a -»+ 

\dodi . . . d n ei . . . e s .\u;oTOi . . . w„zi . . . z s . 
((\rto*l • • • Wi • ■ • *Us(. ■ .£U*n(- ■ .Jto 77) . . .))) . . .)) 
f (\X.X Cl Eli [F] W(\f-C2 fl[(- ■ ■ (Crflfwo) ■ ■ • ))) 

(Vcidn Elj [J] nTT(\/.di2 nT? (■ ■ ■ [d lr nT<_wi) •■■))) 
. . . (\x.xd„i Eli [J] nr7i(\/-dn2 n^2 (• ■ ■ (d n r^ra„) ■■■))) 
(\x.a;en Elf [J] Iff (\f.e12 Iff (■ ■ ■ (ei r si7_zi) ■■■))) 
. . . (\x.x e s i Elf [J] iff (\/.e s2 !!(■■■ (e sr 517 z s ) * ' ' )))) & *w 
\dodi . . . d n ei . . . e s .\woW! . . . w„zi . . . z s . 

((\ii . . . Wi ■ ..<s4(- • • (<i(*n(. • • (*i (\di/inmi . . .\d n f n n n nl 

\eiffisis* . . . \e s g n SsS n . 
\x.x (F'WnT . . . nT sT ... sir 
)(C2 a2"(. ■ • (c r alwo) . . .)) 
Jn\ I)... (nU)(s{l)... (st /))).. .)))...) 
)(\a:.ardii Eli[]nn(\/.di 2 ni2(- ■ ■ (dir nir wi) • ■ ■ ))) 
. . . (\a-.xd„i El}[/] nrrf(\/-d n 2 nT£(' • ■ (d m n^w„) ■••))) 
(\x.x en Elf [7] fff(\/.ei 2 Iff (• ■ ■ (ei,Wzi) •••))) 
. . . e si Elf [7] sir(\/.e s2 s^(- ■ ■ (e sr sIT-Zs) •■■)))) CT "^i 
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do 



7c 



da 



\dodi . . . d n ei . . . e s .\u) »i • • • w u z 1 ...z s . 

(\x.x (F'aTrTTT- ■ .n^T~sTT- ■ • s7Tr)(c 2 W(- ■ ■ (c r 57u;o) . . .)) 

(di2 ma(- ■ ■ (dunuwi) • ■ ■ )) 
■ • • K2fta(- ■ ■ (d m n^w„) ■ ■ ■ )) 
(ei 2 slip ■ ■ (ei r sTT£i) ■ ■ ■ )) 
• • • (e S 2 s^(- • ■ (e sr s^2 s ) •••))) a ~*t 
\dodx . . . d n ei . . . e s .\w wi . . . w n zi . . . z s . 

\x.xr' (domi- ■ ■ (doa^wo) . . .)) 

(di n^(- ■■ (di WrWi) •••))■•■ (dn rhv(- ■ ■ (d n n^w n ) ■ ■ ■)) 

(ei sT5(- • • (ei siF«i) •••))... (e s s^(- ■ ■ (e s z s ) •••)) = 

2, . . • , a',}, [nH, • ■ ■ . . . , [n^2, . . . ,W^\, [fTf, • ■ ■ ■ ■ ■ , [Hf, ... ,1^)) 



"n / ^1 / 



«r', {at 

For the dynamics of C2Ci +n;5 [F, F'] we, again, define a as the substitution 



/<»!,•• ' /<*„! ■ • • "7<*nr ^/e 



/*, . Then: 



C2C 1+n;s [F, F'] «r, [5f, . . . , o7] , [Tiff, . . . ,rqj 

, [sir, ■ ■ • , sir] 



)(C2PC 1 + n;5 [F] «r, [oi, 



/ ei r / e s i • ■ ■ / e sr / w 

S77] 

\do . . . d n ei . . . e s . 

(\6.\kJq ■ ■ ■ t'Jn^i . . . 2 s .PC2Ci+ n;s [i ? ](6k;o - . . w n z\ . . . z s ) 



■ , [n nl 



, a r J, [nil 



, »lr] 
,317], 



, [n„i, 
[5sf , • 



sTJ])) d . • . dn ei . . . e s ) — >+ 
\do ■ ■ ■ dnei . . . e s . 

(\b.\wo ■ • ■ w„zi . . . z s .PC2C 1+ „ ;s [F'](bw ■ ■ ■ w„ Zi . . . z s ) 

)(\to ■ • ■ w„Zi . . . z s .\x.xr (\x.x d El\[F] aT{ \f.d a' 2 (- ■ ■ (do a', w ) ■■■))) 

(\x.xdi El}[/] raTT(\/.di nT-Tp ■ ■ (di nuwi) •••))) 

. . . (\x.xd„ ei} [/] 7t7rr(\/.rf„ ■ ■ (4%«i,) ■■■))) 

(\x.xei El™ [7] sll(\/.ei sI5(- ■ • (ei sITzi) ■•■))) 
. . . (\x.xe s El™[I] s7J(\/-e s s&(- ■ ■ (e s s?z s ) • ■ • )))) ->+ 
\do . . . d n ei . . . e s .\-u;o ■ ■ ■ w n z± . . . z s . 

(PC2C 1 + n;s [F'] (Sf, [aj,... ,<]> 

> <nTT, ["12, ■ • ■ , "l7]>, ■ ■ ■ , (nTTT, [n^2, ■ ■ ■ 

(sZ, [si2, ■ ■ ■ Cl ... c , 

dn . . . di r d n i . . . d nr 

en . . . ei, e s i . . . e sr 

WJO^l . . . W n Z\ . . . 2 S 



(sill [5l2: ■ • • ! s lr]>. 



((r 7 , [a' 2 , . . . , a' r ], [n 12 , . . . , ni r ], . . . , [n n2 , . . . , n nr ], [si 2 , ■ ■ • , Sir], ■ •• , [s s 2, ■ ■ ■ , s sr ]» 



Proof of Proposition 26 As a first case, to show 0; 0; h L2Ci +n;5 : L$W -o (-oJ =1 L$W) 
L $ m W) -^C[l + n;s;m] suitably derive and compose the judgments: 

li :L$W;0; {(0;d i: $W -• a 4 -o a t )} h iidj:S(ai -<o,) (i e {0, . . . , n}) 

;„+j :L$ m W,0; {(0;e 3 :$ m W -. a„ +j -o a n+3 )} h Z^e^ :$(a n+3 -o a n+:j ) (j 6 {1, . . . , s}) 
bo : qq — o a , 61 : ai — o ai , . . . , b n '• ct n — cv n , 
ci:a n+ i — o CK n _)_i , . . . , c s : a n _|_ s — °a n +ST 

: <^0: ■ ■ ■ , w n :Ctn, ^1 :C«n + l, ■ ■ ■ j ^s^n+s, 

x:$ m W -• (-o^ =0 ai) -o (~«"t S n+1 ctj) -o 7 ;0;0 

h i0(6o«io)((iiioi)... (b„ «)„) (ci Zi) . . . (cs z s ) :7 
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Z :L$W, . . . , i„:L$W, i n+ i :L$ m W, . . . , i n+s :L$ m W; 0; 
{(0; d :$W a -° a ), (0;d„:$W a„ -° a„), 
(0; ei :$ m W Q n+ i -o Q n+ i), . . . , (0; e s :$ m W a n+s -o a„+ s )} 
h (\fco^l ■ ■ ■ b n c\ . . . c 5 .\wqwi . . . w n z± . . . z s . 

\x.xO(b w )(bi Wi) . . . (b„ w„) (ci Zi) . . . (c s z s )) (io do) Ci di) ■ ■ ■ (in <2n) 

(i„+i ei) . . . (l n+s e s ): 

S((-°;=o «<) -° C-°;±'+i Q ^ -° V7-(($ m W (-V =0 on) -« (^± s n+1 ay) — 7) — 7)) 

As a second case, to show 0; 0; h W2C 1+n;5 : (-• ? =1 $ 3 W) -• (-• j = i$ m+2 W) 
— • W — o $C[1 + n; s; m] suitably derive and compose the following judgments: 

1 + n+s 

U):W;0;0 h Vi + „+sU):$( (g) W) 

i = l 

0; 0; {(ru : $W, ...,n„: $W, si : $ m W, . . . , a, : $ m W; 0)} 

h \fc fci . . . fe„ fti .. . h. 5 .L2Ci + n;5 (S2L0 (Ss (W2S fc ))) 

(S2Lni (Ss (W2S fci))) . . . (S2Ln„ (Ss (W2S fc n ))) 
(S2Lsi (Ss (W2S hi))) . . . (S2Ls s (Ss (W2S h s ))) : 

(^j 1 1 ±; +s W) -o C[l + n; s; m] 

fc o :W;0;0 h S2L5(Ss (W2S fc )):L$W 

fci :W:0; {(m :$W;0)} h S2L ri{ (Ss (W2Sfc;)):L$W (t £ {1, . . . , n}) 

hj : W;0; {( Sj :$ m W; 0)} h S2L Sj (Ss (W2S hj )) : L$ m W (j £ {1, . . . , s}) 

1085 Observe that every 0; 0; {(/ij : $ m W; 0)} h Sj : $ m+1 W, argument of S2L, is obtained by m + 1 applications of $ to 

As a third case, to show 0; 0; h C2FCi +n;s : C[l + n; s; m] — ° FC[1 + n; s; m] suitably derive and compose the 
following judgments: 

c:C[l + n;s;m];0; 

{(0;d o :$W-«Qi -o ai),... J (0;d„:$W-.a 1 -o ai), 
(0; ei :$ m W -• a n +i -o Q n +i), . . . , (0; e s :$ m W -• a n+s -o a n+s )} 
h cd . . . d n ex . . . e,:i(H3 a,) -« (V 7 .($ m W -. a,) -<, 7 ) - 7 )) 

M-S «i) - (V 7 -($ m W H>J+J a») -o 7 ) -<, 7 );0;0 

h 6 w ...ro n zi...z s : ($ m W -• (-o£±Jj a 4 ) -o 7 ) -o 7 

As a fourth case, to show 0; 0; h FC2Wi +n;s :FC[1 + n; s; m] — o $ m+1 W suitably derive and compose the following 
judgments: 

1 + n+s 

c:C[l + n;s;m]i 0; H c \xy.x ■ ■ ■ \xy.x:$((-o" i=0 $W) -o (^"± s n + 1 $ m W) -o 

($ m W (^>" =0 $W) -o (-o"t s n+1 $ m W) -o $ m W) -o $ m W) 
6:(-o|| =0 $W) -o (^="± S n+1 $ m W) -o ($ m W (-o; =0 $W) -o (-«"± S n+1 $ m W) -o $ m W) -o $ m W;0;0 
h 6 0- ■ -0(\rx a . . .x„ +s .r):$ m W 

1 + n+s 

0;k o :W, .. . ,a;„ : W,K„+i :$ m_1 W, . . . , x„ +s : $ m_1 W; {(r : $ m_1 W; 0)} h r:$ m W 

Observe that the last judgment comes from applying m applications of $ to r : W; 0; h r : W, the last one introducing 

•r,:W r,,:W., n . : :s»- W 

.;■„ . s : $ m_1 W as fake assumptions. 

As a fifth case, to show 0; 0; h It 1+n S [G , G 1 ,G 2 ] : $W (-• , n =1 $W) -• (-• = =1 $ m+4 W) $ m+4 W, 
starting from 0; 0; h G k : $W (-• ? =1 '$W) (-• ' =1 $ m W) $ m W $ m W, with k G {0, 1, 2}, suitably 



61 



derive and compose the following judgments: 

{(n:W;0)} hEli[V 2 ]n:$ 2 (W®W) 
{(n i: W;0)} h Eli [Coerce 4 ] n i: $ 5 W (» G {1, ■ • ■ , "}) 
hEeJ. 1+n+s [ff]: $ 2 (W®W)-. 

(-• Li$ 5 w) (-• ;± s n+1 $ m+4 w) -• $ m+4 w 



{(ni : $ 2 W, . . . , n„ : $ 2 W, si : $ m+1 W 



Ss :$ m+1 W;0)} 

h \a&..ff' (aC2Ci +n;s [WsO, Go] C2Ci +n;s [Wsl, Gi]) 

(W2C m...nnSi...s 5 !i):W-oW-o $ m+2 W 



b: W; 0; {(m : $ 2 W, . . . , n„ : $ 2 W, si : 



1 w, 



h W2C m . . . n„ S\ . . . s s b: $C[1 + n; s; m] 
a:W; 0; h a C2C 1+n;s [WsO, G ] C2C 1+n;s [Wsl, Gi] : $(C[1 + n;s;m] -o C[l + n;s;m]' 



h : $(C[1 + n; s; m] -o C[l + n; s; m]) -o $C[1 + n; s; m] 



where: 



H = \tni . . . n„si . . . s s . 

i (\ab.H' (aC2Ci +n;s [WsO, Go] C2Ci +n;s [Wsl, Gi])(W2C m . . . n„ si . . . s s 6)) 
if' = \2j/.FC2Wi +n;s (C2FCi +n;s (a (C2C 1+n;s [/, G 2 ] J/))) 

,090 Observe that every 0; 0; {(n, : $ 2 W; 0)} h n* : $ 3 W, and 0; 0; {(s 3 : $ m+1 W; 0)} h Sj : $ m+2 W, arguments of W2C, 
are obtained by a suitable number of applications of $ to n, : W; 0; h n, : W, and Sj : W; 0; h Sj : W, respectively. 

Proof of Proposition 27 The dynamics of L2Ci +n;s is: 

L2Ci +n:s [of, . . . , of] [nil, ■ • ■ , nif] ■ • ■ [nffT, • ■ ■ , 5w] [su, • ■ ■ , sT7] ■ ■ • [s7T, . . . , 5s7] — > J 
\dodi ■ ■ ■ d n ei . . . e s . 

(\f>obi . . . 6 n ci . . . c.\tootui . . .WnZi . . . z s .\x.x 0(bo wo)(bi wi) . . . (6 n M>n)(ci zi) . . . (Cs Zs) 

)([aT, . • • ,of] do) ([nlT, . . . ,nTf] di) . . . ([nfa, ■ ■ • ,«^f] <2„)([sTT, ■ • ■ ,sTf] si) ■ ■ • ((Isf, ■ • ■ ,~] s s ) — 
\dodi . . . d n ei . . . e s . 

(\&obi • ■ ■ £>nci . . . Cs.\wo«Ji ■ • ■ tunzi . . . z s .\x.x 0(fco wo)(bi wi) ... (6 n M>n)(ci zi) . . . (Cs Zs) 
)(\a.d 5f(. ■ • (d afz) . . .)) 
(\a;.di nn (■ ■ • (di ni r x) . . .)) . . . (\x.d„ n n l ( ■ . . (d n n nr a:) . . .)) 

(\x.ei sTT(- ■ • (ei sir a) ...))... (\s.e s sii(. . . (s s s^£c) . . .)) — >+ 
\dgdi . . . d n ei . . . e s . 

(\6o^i ■ ■ ■ frnCi . . . c s .\wqwi . . . w n zi . . . z s .\x.x 0(6o wo)(bi w i) ■ ■ ■ (b n w n )(ci Zl) . . . (c 5 Zg) 
)\x.x (do oT(. . . (do of «>o) • • •)) 

(di nTT(. • ■ (di niTiui) ...))... (d n nfa(. ■ ■ (d„ nVtfn) ■ ■ ■)) 

(ei 3iT(. .. (ei sifzi) ...)).. . (e s s7T(. . . (ssS^Zs) . . .)) — ►+ 
«0, [aT, .. . ,of], [nil", • ■ ■ ,nif"], ■ ■ ■ , [n^T, ■ ■ • [SIT, ■ • ■ , sir], ■ • ■ , [sit, ■ • • ,«sf])) 
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The dynamics of W2C 1+n;s is: 



W2Ci +n;s m...n n si...s s n — >Z 
(\t.t(\kokt . . . k„hi . . . h s . 

L2Ci +n;s (S2l!J(Ss(W2S fc ))) 

(S2LlT(Ss(W2S fci))) . . . (S2Ll^(Ss(W2S fc n ))) 
(S2Lff(Ss(W2S/ii))) . . . (S2Llf(Ss(W2S/!, s )))) 

)(Vl + n+sW) ->+ 

(\t.t(\koki . . . k„hi . . . h s . 

L2C 1+n;s (S2LlJ(Ss(W2Sfco))) 

(S2Llf(Ss(W2S fci))) . . . (S2Lff^(Ss(W2S fc n ))) 
(S2Lff(Ss(W2S hi))) . . . (S2Llf(Ss(W2S hs)))) 
){ n, . . . ,n ) ->+ 

l + n+s 

(\z.z n . . . n )(\fcpfci . . . k n h\ ... /i s - 

l + n+s 

L2Ci +n;s (S2LS(Ss(W2Sfc ))) 

(S2LlT(Ss(W2S fci))) . . . (S2Lffn(Ss(W2S fe„))) 
(S2LfT(Ss(W2S/n))) . . . (S2Llf(Ss(W2S hs)))) 

L2C 1+n;s (S2L0(Ss(W2SW))) 

(S2LffT(Ss(W2S7f))) . . . (S2L^(Ss(W2Sl))) 
(S2LlT(Ss(W2SW))) . . . (S2Llf(Ss(W2Sl)))) ->•+ 



L2Ci +n;s (S2L0m + 2) 



(S2L nTm + 2)... (S2L n^m + 2) 



(S2L slm + 2) ... (S2L sjm + 2)) ->+ 

m + 2 m + 2 ?7i+2 

L2Ci +n;s [0, . . . , 0] [m, . . . , m] • • • [WrT, • • • , [sT, . . 



({0,[0,...,0],[Wr,...,riT], 



[nn, . . . ,n„J, [si, . . . , sij, . . . , [s s , . .. ,a s 



where we assume m + 1 be the number of binary digits of n, namely its length |n|, so m + 2 is \n\ + 1. 
The dynamics of C2FCi+ n;s is: 

C2FCi +n;s ((r, [5T, ... ,37] , [WIT, . . . ,nI7], . . . , [n^T, . . . ,n^\, [511, . . . , 517], . . . , [sT/f, . . . , 577])) — >+ 
\do . . . d n ei . . . e s . 

(\bwQ . . . w n z\ . . . z s .b wq . . . w n Zi . . . Z s ) 

(«r, [al, . . . ,57] , [nlT, • ■ ■ ,ni7], ■ ■ ■ , [nTT, ■ ■ . ,1577], [5JT, ■ • ■ ,577], ■ • ■ , [57J, ■ • ■ ,577])) do ■ ■ ■ d„ ei . . . e s ) — »+ 
\do ■ ■ ■ d n ei . . . e s . 

(\^7j;q . . . W n Zl . . . Z s .b Wq . . . W n Z\ . . . Z s ) 

(\-(jjo uj i ■ • • WnZi . . . z s . \x .xt (da aT(' ■ ■ (do a7 ^o) • ■ • )) 

(di nTT(- ■ ■ (di«I7 u>i) •••)).. . (ri n ra7T(. ■ ■ (d n n^w„) ■ ■ ■ )) 
(eisTT(- ■ ■ (eisI7zi) ■■■))... (e s s7J(- • ■ (e s s77z s ) ■ ■ ■ )) 

\do ■ ■ ■ d n e\ . . . e s .\-u;o ■ ■ ■ w n z\ . . . z s . \x.xr (do 7TT(- ■ ■ (do a7 wq) ■ ■ ■ )) 

(rfi nTT(- ■ ■ (dinI7 toi) ■■■)).. . (d„ 7T7T(- ■ -Jd„ n^w n ) ■ ■ ■ )) 
(eisTI(- ■ • (eisT7zi) ■■■))... (e s 57f(- • ■ (e s 5^z s ) ■■•)) = 



((r, [oT, . . . , Or], [nil, ■ • ■ , nir], 



|n„i, .... n nr J, Isu, . . . , si, 



[S S 1, . . . , S sr 
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The dynamics of FC2W 1+n;s is: 

FC2Wi +n;s ((r, [al, . . . , a7] , [nJT, ■ ■ ■ ,nu], ■ ■ ■ , [nTT, ■ ■ ■ , "77], [3TT, . . . ,317], ■ ■ ■ , [sJT, ■ ■ • ,3f7])> — >J 

(\6.6 ■ • ■ (\ra ■ ■ • x n+s .r))(((r, [ST, . . . , a7] , [ WIT , . . . , nT7], ■ ■ • , [tVl, . . . ,tw] 

, [sir, . . . , sI7], . . . , [sTJ, . . . » ( \xj/.x) • • • (\xy.x)) ->+ 



(\x.xr((\xy.x)aT(- ■ ■ ((\xy.x)a;0) ■ ■ ■ )) 

((\xy.x)nIT(- ■ ■ ((\Ky.a;)riT70) ■■■))•■■ ((\xj/.x) nTTr(- ■ ■ ((\xy.x) ?w 0) ■ • ■ )) 
((\xy.x)sIT(- ■ ■ ((\xy.x)sI70) •■■))... ((\icy.an)sjr(- ■ ■ ((\xy.x)s^0) • ■ ■ )) 

)(\rxo ■ • ■ x n +s-r) — >^ r 



Proof of Proposition 28, Point 1 We proceed by induction onm-i. We assume m — i — 0. Namely, to = i. We 
need to prove that: 

C2Cl + n ;s[Ws/A n , G Vm ]{@, §} k , [Wf] fe , • ■ • , [ff^f , [lT] fe , • • • , [Iff)) 



rewrites to: 



|(r[0, a,ni, . . . , n n , si, . . . , s s 



^2<V„ 



,[^r] fc - 1 ,...,[^] fc - 1 
,^ fe - 1 ,...,^ fe - 1 )) 



, n„,si, . . . ,s s ], [i^T] fc 1 ,[nT] fe \ 



[f^-MfTp- 1 , 



which is ((r[0, a, m, . 
[ff] fe_1 )). Since, by definition of words, i/ m is 1, we have to prove that: 
C2Ci +n; s[Wsl, Gi]((l, [0] fe , [ffTf, . . . , [!^] fc , [ff] fe , ■ ■ ■ , [f^)} rewrites to ((r[0, a, m, 



...,n n ,si,...,s s ],[T] fc \ 
with _F = Wsl and F' = G\, Proposition 10, and the assumption on G\. 
We assume m — i > 0. Namely, to > i. By induction, we have that: 



■=lfc-l\ 



But this can be obtained using Proposition 25, 



C2C 1 + n;s [Ws l / i _ 1 ,G„ i _ 1 ](. . . (C2Ci + „ ;s [Ws*/ m ,G„ m ]«a, [0] k , [KT] fc , . . . , [W^] k , {gf] k , [S7] fc ») . . .) 

rewrites to the word: 



(71) 



l(r[m + 1), a, m, . . . ,n n ,si,. . . ,s s ] 



J2 m J (i+1) 2 m -( 4 + 1 )-J'i/„ 



-| k — {m — i — l) — l 



iffr] fe - (m - l - 1) -\ . . . , ^] fc - (m - i - 1) - 1 



k— (m— i— 1)— 1 



, . . . , l^sj 



^fe— (m— i— 1)— 1 



If we apply C2Ci +n;s [Ws^j, G^J to (71), we end up to calculate: 



C2Ci + „ is [Wsi/ 4 , G„ 4 ]((r[m - (i + 1), a, m, . . . , n„, si, . . . , sj , ^JIq'^ 1 ' 2"*-( i + 1 >-J v m -j 

, ["l 



sk-O-i-l)-! 



fe_( m _i_l)_l 



=]fc-(m-i-l)-l 
fe_( m _i_l)_l 



(72) 



Now, Proposition 25, with F = Wsfi and F' = G Vi , the assumption: 



G^ I 2 m ~( l + 1 )~-?z/ m _j | TTf . . . n n si ■ • ■ s7r[m — (i + 1), a, ni, . . . , n n , Si, . . . , s s ] 

3=0 



— >u; r L m — l , a , n l , ■ ■ ■ ,^n,Sl, . . . , S S J 



and Proposition 10, which yields: 



-(i+l) \ /m-(i + l) 

j=o / \ j=o I j=o 
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imply that (72) rewrites to: 



'{r{m — 1, a, m, . . . ,n n ,si, 



fc-(m-i-l)-l-l 



Ifjfc-Cm-i-D-l-l, . . . ) ^jfc-(m-i-l)-l-l 
^jfe-Cm-i-l)-!-!^ _ _ ^ =jfe_( m _i_i)_i_i« 



where fc — (m — i — 1) — 1 — 1 is exactly fc — (m — i) — 1. 
Proof of Proposition 29 



°n'5* _1 S * Gi,..., G n ',Hi, . .. , H s ']m ... n„sn ... si Sl s s /i • ■ ■ s s ' 3s , 

'o ;n +i*'_ s 4 [G](Eil[vJ/ +s /]lf) . . . (Eii[Vn/ +S ']n?)ifT...i57 : wi.. 



, i? s /]ni . . . Tin Sii 



i Ee 
,Ee 
; Ee 



-. l^Jl^J-UVn'+s'J ni) ■ ■ ■ VHJ-1LV „/+,/] 7t n ;sn . . . s lsi S s /l . 

i=l s > 

o ;n+E s'_ iSi [G](Vj/ +s / nT) . . . (Vi/ +S / 7^) sir . . . sH7 s^T. . . s^T7 



■ n+ J^ ^ N( V n'+ S ' n ■ ■ ■ ( V n' + S ' "n) Sll ■ • • Slsj «s'l • ■ 

in+E s '-! s 4 ^ ( j 71 ]" • ■ ■ ^p ) • ■ ■ ({ > ■ ■ ■ ^ }) Su • - • sTTT ^7 

n'+s' n'+s' 



°s's - 



n'+s' n'+s' 

; G ({nT . . . m}) . . . <{rTr7 . . . n^}) six . . . su^ s^T 

(Gi nT . . . nS) . . . (G n / nT • • • n7) 
^ntsJ^iKElllCoerc 
.(Ee^J^KElTlCc 



S s /1 . . . s s 



(Ee,™,,,,. 1 ^ [.Hi] (El} [Coerce™ x ] m) . . . (El} [Coerce™ J ] n n )sn . . . si s J 

i m_1 ] nT) . . . (El} [Coerce™ -1 ] Ti^s^i" . . . s s / s ) ) 

" + < Ee ™nM-s' [^] fT • • • f^fti • ■ ■ ft s ' 



.f 



n n )s s 'i 
(by the assumptions) 



Proof of Proposition 30 To show 0; 0; h o^ =1 s ' [F, Gi, G n >,Hi, H s >] : (-• £ = i$ w ) 



5Di=l s iQ2m+l 



W) — • $ 2m+1 W derive and suitably compose the following judgments: 

/n'+s' \ 

0;{(n i: W;0)} h El} [V^K : $ 2 I Q $W I (1 < j < n) 

0;{(j/ lj: W;0)} h El}[Coerce m-1 ]y !j: $ m W (1 < i < s', 1 < j < n) 
0; {(tix* : $ 2m ~ 2 W; 0)} h w ik : $ 2m-1 W (1 < i < s', 1 < k < Si) 
0; {(x ik : W; 0)} hi, t :$W (1 < i < n', 1 < k < n) 
0;{( yil :W,...,y in :W, 



S 2m ~ 2 W;0)} 

h Ee™^ [Hi] (El} [Coerce" 1 " 1 ] y n ) . . . (El} [Coerce" 1 " 1 ] y it 



g2T71 — 2^ 

_m— 1 



(1 < * < s') 



toil • • • Wi H W 

{(lii : W, r,,:\V: 0)} Y-G t x a ... x tn :$ m W (1 < i < n') 

{( S11 : W, ...,x ln :W avi : W, . . . ,x n / n : W 

yu : W, . . . , y ln : W, ton : $ 2m " 2 W, . . . , to isi : $ 2m " 2 W 



2/s'i:W, . . . ,y s /„:W,to s /i: 



2 W, 



,to s / s , :$ 2m ~ 2 W;0)} h ifiS 2 ™-^ 



H being the term in the definition of the composition of Section 6.4 



Proof of Theorem 5, point 3 We proceed by induction on the structure of the closed term. The base case coincides 
with t = 0. We focus on the inductive cases only, 

First case. Let t be f(ti, . . . , t k , u\, . . . , in). Then, 0; 0; h [i] : S^W with v = max{u - 1 + m, qi, . . . , qi}, and 
u = max{m,pi, . . . ,p k }, for some m,pi, . . . ,pk, qi, 
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...,<?;. If we develop the relations between u and v, we get v = max{max{m,pi, 
1105 . . . ,p fc }-l+m,gi, . = max{2m-l,pi-l+m, . . . ,p k -l+m,q 1 , ...,qi}< max{2m,2pi, . . .,2p k ,qi, . . .,q{\. 

Since, by induction, m < wg(/), pi < wg(ii) with 1 < i < k, and qj < wg(iij) with 1 < j < i, we get 
max{2m,2pi, ...,2p k ,qi, 

...,qi}< 2max{wg(/),wg(ii), . . . , wg(tfc), wg(ui), . . .,wg(itj)} which is exactly wg(/(*i, ... ,4,1*1, . . 

Second case. Lett be o^ =1 U [f,g l ,...,g k ,,h 1 ,..., h v \. Then, 0; 0; h [t] :$ 2 p +1 W withp = max{m, mi, ... , 
mo mj;', rii, . . . , n;/}, for some m, mi, . . . , m^' , n x , . . . , nv . We have 2p + 1 = 2 max{m, mi, . . . , m^' , n x , . . . , rii'} + 
1 < 3 max{TO, toi, . . . , TOfc' , ni, . . . , n//}. The induction m < wg(/), m, < wg(pi) with 1 < i < fc', and 
raj < wg(/ij-) with 1 < j < T, implies 3 max{m,TOi, . . .,m k ',rii, . . . ,n v } < 3 max{wg(/), wg(si), . . . , wg(g k ,), 

wg(/ii), . . . ,wg(%)} = wg(o fe ; i , i = 1 .. ,g k >,hi,. . . ,h v \). 

Third case. Let t be r fc+1 > z [ 5 , ho, hi}. Then, 0; 0; h [i] : $p +1 W with p = max{m , 
1115 mi, ?Ti2 }i for some mo, mi, , m2. We havep+ 1 = max{mo + 1, mi + 1, m-2 + 1} < 2 maxjmo, mi, m2}. The induc- 
tion mo < wg(g), mi < wg(hi) with < i < 1, implies 2max{m , mi, m 2 } < 2 max{wg(g), wg(h ), wg(/ii)} = 
wg(r fc + 1 .'[ 5 ,/ l0 ,/n]). 

Proof of Theorem 5, point 4 By induction on the structure of n. If n = 0, then, by definition, [0] = Elo[0], which 
is 0. Otherwise, let n > 0. Then, n can be written as Y^JjLo < ^ m ~^ y m-j = ^iY^jLo 2 m_ ' 7_1 £ / ro-j) + = 2m + z/ , 
1120 for some m. Then, by the inductive hypothesis, we have \n\ = \s Vo (. . . {s Vm _ 1 (si z 0,0 )) . . .)] = 
[b^]°(K (. . . (s^ (si z°< )) ...)]) -* [s„ ]° m = Ws^o m -+ 2m + V a = fL 

Proof of Theorem 5, point 5 By structural induction on the structure of /. We develop the details in the case / be a 
recursive scheme, the most interesting one. So, let / be r k+1 ' 1 [g, ho, hi]. We have to consider two cases. 
First case. It has r k+1 ' l [g, h , hi](n , n^.^, S[i ; rj) = n with n = 0, for some n. By definition 

r i;+1 ' , [g,/io,/i l ](Tio,n[i i fc],s [1;i ]) = g(n[i ;fc ], %;;]) = n, which, by induction, imphes {g{n {1 . k] , S[ X . q )] ->•+ I. The 
statement we need to prove is [r fc+1 ' Z [g, ho, h\]{no, W[i ; fc], S[i ; ji)] — ^ n. By definition: 

[r + ' [g, fto, /ll](nO, H[l;fc], S[l;i])l 

(Eir™ [[0j])(El o "^ [[m]]) . . . (BIT** [[n fc ]]) 
](ElS- 91 [M]).-.(Eir 9! [H]) (73) 

where 0;0;0 h [r fc+1 < z [c/, /i , : $W (-• * =1 $W) -• (-• ^ =1 $ P+4 W) $p+ 4 W, 0;0;0 h [0] : $ Po W, 
0;0;0 h [ni]:$^W, with 1 < i < k, 0;0;0 h [ Sj ]:$^W, with 1 < j < I, v = max{u - 1 +p + 4, q x , ...,©}, and 
u = max{p + 4, pi , . . . , p k } . By the definition of linear embedding, and point 4 of Theorem 5 : 

(73) ->+ Eeo ; 7" +1_p+4 [Eeo." fc + ; [[r fe+1 ' i [g,/\o,/ii]]°]0rlr. . .WfcjfT. . .1? 

= Ee^I^^^lEe^Jlti+k^^o] , [Hi] , [G]°]] fJWf . . . W] ff . . . ff (74) 

where G = Ee^™f +1 [\n . . .n h si . . . s t r.[g]° m . . .n k ai . . . 0; 0; h : (— f=i$W) (— J =1 $ m » W) $ m » W, 
1125 ffj =Ee£^ +1 [[Ai]°], 0;0;0h :$W (-• f =1 $W) (-• ^ =1 $" li W) $ m ' W, andp = max{m 9 , m , mi}, with 

ie{o,i}. 

Using the definition of the embeddings and point 2 of Proposition 28, we have that (74) — >J a if GO nT . . . fik sT . . . s7 — a, 
for some a. We observe that, by the definition of G, we have GO nT . . . ri^ sT...s70^i [3] °0 nT . . . TTiT sT . . . s7 0, so we are left 
to prove [g]°0 nT . . . Wk'sT . . . s70 — »^ a, for some a, and that a, in fact, is n. 

To prove this, we start by the induction. It implies \g{n\\-k}, % ; i])J — *t> n. Then, we observe that, by the definition of the 
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embeddings, and thanks to Point 4 of Theorem 5: 

= <r"' +1_m8 [Ee^[[3]°](El^- pi [[ni]]) ■ • • (Eir K 1K-l]) 
](ElS'-' 1 [[ Sl ]])...(ElS'-"W]) 

ee Ev^- u ' +1 - ms [Ee^feHM . . . KJ][*i] • ■ ■ M 
4- „ i/ — u'+l— m„ r u' — 1 rr ioi= ^=i^ = 

-*™ Ev 0;i L Ee o;fc+z LLS-J \ni...n k \si...si 

-^t \g]°nT ■ ■ -WsT ■ ■ -si (75) 

1130 The sequences of rewritings that lead to (75) is unique up to the ordering in which we obtain every of the arguments 7TT, . . . ,nfe",sl, . . . ,s7. 
So, thanks to [,g(n[ 1;fc ], S[i ; n)] — >t, n it must be (75) — >+ n showing that a is, in fact, n. 

Second case. It has r k+1 ' 1 [g, ho, hi](rio, H[i-k] , — n with no = X/Jlo 2 m ~" , f m -j > 0, for some n. By definition: 

m 

r fc+1,! [g, /i , hi](y* j 2™~ 3 v m -j, n [1;fc] , s [1;i] ) 

m — 1 m— 2 

3=0 3=0 

• ■ ■ ,^ m (0,n [1;fc ],s [1;i ],3(0,n [1;fc] ,s [1;i ]))) . . .)) 

771 — 1 m — 2 

= ( 2 m ~ 1 ~ J ^m-3 , n[i ;fc ] , S[i ;i ] ,h vi (^2 2 m " 2- - 7 i/ m _j , n[i ;fe ] , 

3=0 3=0 

...,ft„ m (0,n[ 1;fe ],%;i],o))...)) 

771—1 m — 2 

= h "oC^2i 2 m ~ 1 ~ : ' i^m-j , n[i ;fc ] , % ; ;] , fti/i ( ^ 2 m " 2 " J ^ m _j,fl[ 1;fc ],S[ 1; ;], . . . ,« m ) . . .)) 



3=0 3=0 
m— 1 

= ^o(^Z 2 m ~ 1 ~ J fm-3,n [ i. fe ],s [ i. ;] ,i;i) = v 

3=0 

for some sequence of natural numbers n = Vo, V\, . . . , v m , a. 

Since h Ui S {ho, hi}, for every 1 < i < m, we can apply the induction to h Um (0, , svy.n , a) = v m , which 
implies: 

lhv m (p,n[ 1;k ],S[x ; i],a)J — >J , (76) 
to h Vi (J2 1 j l =o t+1 '' 2 m_ ^ t+1 ^ _3 'i / m _j, n[i ; fc], S[x ; i], u»+i) = Wj, for every < i < m — 1, which implies: 

m-(i+l) 

2 m " ( ' +1)_; '^ m _j,n[ 1;fe] ,s [1 . ;] ,Ui + i)l -»+ W , (77) 

3 = 

and, finally, to g(n\i ; k] , sn-n) = a, which implies: 

>%;!])! "4 ^ • (78) 

The statement we need to prove is [r fe+1, '[<7, /i , /ii](n , «[i ; fe]i - *i 77 with n = Sj=o ^ m ~^ u m-i- 
By the definitions and point 4 of Theorem 5, we get: 

[r +1 ' l [g, h , hi](H[ . k] , sjx.q )] 

-»+ It 1+k , i [[//o]°,[//i]°,[G'] ]^wf...wrif...l7 (79) 

where G = Ee£™f +1 [\n . . .n k si . . . s t r.{g}° m . . . n k 8l . . . si], 0; 0; h [g}° : (— f =1 $W) (— J =1 $ ra « W) - 
• $ m «W, Hi = Ee^ +1 [[/i]°], 0;0;0 h : $W (-. ? =1 $W) (-. ^ =1 $ m =W) $" l =W, and p = 
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max{m ff , m , mi}, with i 6 {0,1}. By point 2 of Proposition 28, we have that (79) — ►+ r[m, n, rii, . . . , n/., Si, • • - , Si] 
if: 

,*i] 

(i + 1), n G , m, . . . , n k , Si, . . . , sj] 

r [ m — h ^G, Til , • ■ • , Tlfe, SI, . . . , Si] , 

every r[m — (i + 1), ng, n 1; . . . , n^, Si, • • • , sj] being a word and every <G {0, 1}, with < i < i 
left to prove: 

r[0,riG,ni,. . . , nk, si, ■ ■ ■ , sj] = u^T 
r[m — (i + l),riG,ni, . . . , n fe , si, . . . , s;] = W+T 

7iG = a 

for every < i < m — 1. In fact, the here above three equations can be a consequence of proving: 

H Vrn 0ni . . .nfcsT • ■ -Sia —>Z,Vm (83) 

m-(i + l) 

H Vi 2 m -( i + 1 )-^ m _ J Wr...Wfeir...ir^Tr^i W (84) 

3=0 

GOrTf. . . r^sl. . . s70 — >^ a , (85) 

for every < i < m — 1. For proving (83), (84), and (85), we start by the results (76), (77), and (78) the inductive 
1135 hypothesis gives us. (85) can be proved exactly as we did in the first case above, when no = 0. (84) holds by 
developing the definitions and observing that (76) reduces to [/i„ m ]° OnT. • • nk sT • ■ • 

si a in a unique way, up to the order of the evaluation of |0J — 0, [n.;] — >+ 7z7, and fsjj — sj, for every 1 < i < k 

and 1 < j < I. So, it must also be [h Vm }° OrTi. . . n~k si ■ ■ ~ >i Vm, getting (80). We can proceed analogously to 
prove (81), for every < i < m — 1. 

1140 Proof of Corollary 5 By structural induction on the structure of t. If t is a variable we use point 4 of Theorem 5. 
Let t be f(t\, ui, ... , u{). The assumption f(t±, . . . , tk, U\, . . . , Ui) = n implies both ti is closed, and t, = m, 

for some n,, with < i < k, and, analogously, both Uj is closed, and Uj = Sj, for some Sj, with < j < I. So, the 
points 4 and 5 of Theorem 5 allow to write [/(ti, . . . , ifc, u\, . . . , — >* [/]° W[ . . . rik 'si • ■ ■ 37 — >^ n. 



G ni . . . nfc si . . . s; — * w ug 

nT . . . nfc si . . . ~ nc" — >^ r [0, tig , ni , 



-(i+i) 



2 m ( i+1 > 'v m -j | ni . . . n,fc si . . . sjr[m - 



— 1. So, we are 

(80) 
(81) 
(82) 
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